Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : libssh2 (EulerOS-SA-2024-1317)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

EulerOS 2.0 SP11 : python-paramiko (EulerOS-SA-2024-1224)

According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1239)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2024-1222)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2024-1345)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2024-1244)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

EulerOS 2.0 SP11 : libssh2 (EulerOS-SA-2024-1217)

According to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

openSUSE Security Advisory (openSUSE-SU-2024:0008-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for proftpd (openSUSE-SU-2023:0421-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Rocky Linux 8 : libssh (RLSA-2024:0628)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0628 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle, jsch (SUSE-SU-2024:0327-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

FreeBSD : rclone -- Multiple vulnerabilities (b5e22ec5-bc4b-11ee-b0b5-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the b5e22ec5-bc4b-11ee-b0b5-b42e991fc52e advisory. - A race condition in go-resty can result in HTTP request body disclosure across requests. Thi...

Debian dla-3719 : php-seclib - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3719 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3719-1 [email protected] https://www.debian.org/lts/security/...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Paramiko vulnerability (USN-6598-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6598-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacke...

OESA-2024-1075 proftpd security update

ProFTPD is an enhanced FTP server with a focus toward simplicity, security, and ease of configuration. It features a very Apache-like configuration syntax, and a highly customizable server infrastructure, including support for multiple 'virtual' FTP servers, anonymous FTP, and permission-based...

Fedora 38 : podman (2024-06ebb70bdd)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-06ebb70bdd advisory. Automatic update for podman-4.8.3-1.fc38. Changelog for podman Wed Jan 03 2024 Packit - 5:4.8.3-1 - packit 4.8.3 upstream release Tenable has extracted the...

Fedora 39 : golang-x-crypto (2024-7b08207cdb)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7b08207cdb advisory. Update golang-x-crypto to v0.18.0, fix for CVE-2023-48795 Tenable has extracted the preceding description block directly from the Fedora security...

Debian dsa-5599 : php-seclib - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5599 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such...

Ubuntu 23.10 : libssh2 vulnerability (USN-6585-1)

The remote Ubuntu 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6585-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept...