9 matches found
EulerOS 2.0 SP11 : openssh (EulerOS-SA-2026-2257)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a...
Amazon Linux 2023 : runfinch-finch (ALAS2023-2026-1809)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1809 advisory. An authenticated SSH client that repeatedly opened channels which were rejected by the server caused unbounded memory growth, eventually crashing the server process and affecting all connected...
MiracleLinux 8 : openssh-8.0p1-19.el8_9.2 (AXSA:2024-7493:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7493:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential command injection via shell metacharacters...
Security Bulletin: Astronomer with IBM is vulnerable to several issues due to open source packages
Summary Open source software is used by Astronomer with IBM as part of overall processing functionality. Vulnerability Details CVEID:CVE-2007-2243 DESCRIPTION: OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user...
AIX is vulnerable to a denial of service (CVE-2025-26466) and a machine-in-the-middle attack (CVE-2025-26465) due to OpenSSH
IBM SECURITY ADVISORY First Issued: Mon Mar 17 15:30:45 CDT 2025 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/opensshadvisory18.asc Security Bulletin: AIX is vulnerable to a denial of service CVE-2025-26466 and a machine-in-the-middl...
Vulnerabilities fixed in NetApp Clustered Data ONTAP
NetApp has released updates to fix vulnerabilities in several third-party components for Clustered Data ONTAP. The vulnerabilities are in OpenSSL, PHP, OpenSSH and Apache and enable a malicious party to cause a denial-of-service cause, gain access to sensitive data and potentially manipulate data...
USN-3538-1 openssh vulnerabilities
Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10009 Jann Horn discovered that OpenSSH...
Vulnerabilities of the Gentoo Linux operating system, which allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the openssh package up to version 4.7p1-r6 of the Gentoo Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...
FreeBSD-SA-01:24.ssh
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:24 Security Advisory FreeBSD, Inc. Topic: SSH1 implementations may allow remote system, data compromise Category: core/ports Module: openssh, ssh Announced: 2001-02-12...