New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide

An updated version of a botnet malware called Prometei has infected more than 10,000 systems worldwide since November 2022. The infections are both geographically indiscriminate and opportunistic, with a majority of the victims reported in Brazil, Indonesia, and Turkey. Prometei, first observed i...

New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide

An updated version of a botnet malware called Prometei has infected more than 10,000 systems worldwide since November 2022. The infections are both geographically indiscriminate and opportunistic, with a majority of the victims reported in Brazil, Indonesia, and Turkey. Prometei, first observed i...

PT-2023-1907 · Unknown · Mxsecurity

Name of the Vulnerable Software and Affected Versions: MXsecurity version 1.0 Description: The issue is related to a command injection vulnerability in the SSH CLI program of MXsecurity. This vulnerability can be exploited by attackers who have gained authorization privileges, allowing them to...

The vulnerability of the MKLogic-500 PLC, related to the use of hidden functions, allows a hacker to gain full control over the device.

The vulnerability of the MKLogic-500 PLC is related to the presence of hidden features such as SSH access. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full control over the device...

Vulnerabilities fixed in Cisco NX-OS

Cisco has fixed vulnerabilities in NX-OS. The vulnerability with attribute CVE-2022-20050 can be exploited by a local, authenticated malicious person to exploit arbitrary code execute arbitrary code at the system level by exploiting command-line injection. Also, a bug has been fixed in the...

The vulnerability of the monitoring system for critical equipment, StruxureWare Data Center Expert, arises due to the failure to take measures to neutralize special elements used in the operating system’s command set. This allows a perpetrator to execute arbitrary commands.

The vulnerability of the StruxureWare Data Center Expert monitoring system exists because measures to neutralize special elements used in the operating system have not been taken. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands via the SSH protocol remotely...

SUSE CVE-2003-1562

sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password...

SUSE CVE-2006-1206

Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service connection slot exhaustion via a large number of connection attempts that exceeds the MAXUNAUTHCLIENTS defined value...

SUSE CVE-2006-3631

Unspecified vulnerability in the SSH dissector in Wireshark aka Ethereal 0.9.10 to 0.99.0 allows remote attackers to cause a denial of service infinite loop via unknown attack vectors...

SUSE CVE-2008-3259

OpenSSH before 5.1 sets the SOREUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform...

SUSE CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

SUSE CVE-2010-5107

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service connection-slot exhaustion by periodically making many new TCP connections...

SUSE CVE-2011-3870

Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorizedkeys file...

SUSE CVE-2011-4327

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call...

SUSE CVE-2013-4436

The default configuration for salt-ssh in Salt aka SaltStack 0.17.0 does not validate the SSH host key of requests, which allows remote attackers to have unspecified impact via a man-in-the-middle MITM attack...

SUSE CVE-2013-4852

Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service crash and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the S...

SUSE CVE-2014-1692

The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...

SUSE CVE-2014-2653

The verifyhostkey function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate...

SUSE CVE-2015-6565

sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service terminal disruption or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence...

SUSE CVE-2016-0777

The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key...