ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

AZL-44142 CVE-2024-21885 affecting package xorg-x11-server 1.20.10-6

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remo...

CLSA-2024-1708638566 openssh: Fix of CVE-2023-48795

CVE-2023-48795: implement "strict key exchange" in ssh and sshd...

CVE-2023-31728

Teltonika RUT240 devices with firmware before 07.04.2, when bridge mode is used, sometimes make SSH and HTTP services available on the IPv6 WAN interface even though the UI shows that they are only available on the LAN interface...

CLSA-2024-1707919380 openssh: Fix of CVE-2023-48795

CVE-2023-48795: implement "strict key exchange" in ssh and sshd - Moved ELS patches to the top to avoid patch conflicts...

CVE-2024-1378

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via nomad templates when configuring SMTP options. Exploitation of this vulnerability required access to th...

GitHub Enterprise Server Command Injection Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...

GitHub Enterprise Server Command Injection Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...

GitHub Enterprise Server Command Injection Vulnerability

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server that stems from the presence of...

The vulnerability of the Traffic Management Module of the BIG-IP access control and remote authentication solution allows a perpetrator to impersonate the SSH server of SPK Secure Shell.

The vulnerability of the Traffic Management Module of the BIG-IP access control and remote authentication solution lies in the use of strict encryption for registration data. Exploiting this vulnerability allows a malicious actor to impersonate the SSH server...

[SECURITY] Fedora 38 Update: openssh-9.0p1-19.fc38

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CLSA-2024-1707420183 Fix CVE(s): CVE-2023-48795

SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795...

The vulnerability of the Vinchin Backup & Recovery software for backup and restoration operations, related to the use of pre-installed user accounts, allows a hacker to elevate their privileges to the level of a root user.

The vulnerability of the Vinchin Backup & Recovery software regarding backup and restoration is related to the use of pre-installed user accounts. Exploiting this vulnerability allows a malicious actor to elevate their privileges to root-level by connecting with the default SSH account...

The vulnerability of the OpenSSH package on the macOS operating system, which allows a hacker to gain unauthorized access to SSH password credentials

The vulnerability of the OpenSSH package for the macOS operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow a hacker to gain unauthorized access to SSH password credentials...

OESA-2024-1122 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: The SSH transport protocol with certain OpenSSH...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

xorg-x11-server: heap buffer overflow in XISendDeviceHierarchyEvent

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remo...