kernel: ipv4: denial of service when destroying a network interface

A security flaw was found in the Linux kernel's networking subsystem that destroying the network interface with huge number of ipv4 addresses assigned keeps "rtnllock" spinlock for a very long time up to hour. This blocks many network-related operations, including creation of new incoming ssh...

The vulnerability of the SSH network protocol, related to the disclosure of information, allows a perpetrator to gain access to confidential data.

The vulnerability of the SSH network protocol is related to an error in password hashing. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data remotely...

[SECURITY] Fedora 23 Update: openssh-7.2p2-6.fc23

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Juniper Junos Space Man-in-the-Middle Attack Vulnerability

Juniper Junos Space is a network management solution from Juniper Networks. The solution supports automated configuration, monitoring and troubleshooting of devices and services throughout their lifecycle. A security vulnerability exists in Juniper Junos Space versions prior to 15.2R2, which aris...

Cisco NX-OS Security Bypass Vulnerability

Cisco NX-OS is a data center-oriented operating system from Cisco. A security bypass vulnerability exists in the SSH subsystem in Cisco NX-OS versions 4.0 through 7.3, which can be exploited by a remote attacker to bypass AAA restrictions and execute commands on the device command line...

[SECURITY] Fedora 25 Update: openssh-7.3p1-4.fc25

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

CVE-2016-6393

The AAA service in Cisco IOS 12.0 through 12.4 and 15.0 through 15.6 and IOS XE 2.1 through 3.18 and 16.2 allows remote attackers to cause a denial of service device reload via a failed SSH connection attempt that is mishandled during generation of an error-log message, aka Bug ID CSCuy87667...

[SECURITY] Fedora 24 Update: openssh-7.2p2-13.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Dropbear SSH Local Code Execution Vulnerability

Dropbear is a relatively small SSH server and client. An arbitrary code execution vulnerability exists in Dropbear dropbearconvert, which can be exploited by a local attacker to execute arbitrary code...

Dropbear SSH Arbitrary Code Execution Vulnerability

Dropbear is a relatively small SSH server and client. An arbitrary code execution vulnerability exists in Dropbear dbclient, which can be exploited by a remote attacker to execute arbitrary code when a local dbclient user enters a specific -m or -c parameter...

BSA-2016-009

Summary Security Advisory ID : BSA-2016-009 Component : SSH Revision : 2.0 N/A...

UBUNTU-CVE-2016-2183

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted...

UBUNTU-CVE-2016-6515

The authpassword function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service crypt CPU consumption via a long string...

golang: infinite loop in several big integer routines

A denial of service vulnerability was found in Go's verification of DSA public keys. An attacker could provide a crafted key to HTTPS client or SSH server libraries which would cause the application to enter an infinite loop...

[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-6.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

[SECURITY] Fedora 24 Update: openssh-7.2p2-10.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

The vulnerability of Fonality’s corporate telephony software allows a perpetrator to gain access to protected information.

The vulnerability of the Fonality corporate telephony software relates to the rigid encoding of registration data for FTP login records. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected information via FTP or SSH connections...

Cisco IOS XR for Cisco Network Convergence System Denial of Service Vulnerability

Cisco IOS XR on NCS 6000 is an operating system from Cisco that runs on 6000 series router devices. A denial of service vulnerability exists in Cisco IOS XR versions 5.x through 5.2.5 on NCS 6000 devices, which arises from the program failing to properly manage system timer resources. A remote...

CVE-2016-1426

Cisco IOS XR 5.x through 5.2.5 on NCS 6000 devices allows remote attackers to cause a denial of service timer consumption and Route Processor reload via crafted SSH traffic, aka Bug ID CSCux76819...

[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-5.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...