The vulnerability of Cisco IPS software allows a malicious actor to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by manipulating environment variables. Security researchers have confirmed that this...

The vulnerability of the Cisco Nexus 5000 software allows a malicious individual to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...

The vulnerability of Cisco Nexus 1000V software allows a malicious actor to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that this...

Vulnerability of Cisco Nexus 5000 software, allowing attackers to access confidential information

The GNU Bash command shell, as of version 4.3 bash43-025, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other unconfirmed actions. Security...

The vulnerability of Cisco Nexus 7000 software allows a malicious individual to increase their privileges.

The vulnerability in Cisco NX-OS devices of the Nexus 7000 series – where multiple virtual device contexts VDC are enabled, along with local authentication – allows remote users who have passed authentication to elevate their privileges within an unplanned VDC environment. This is achieved by usi...

The vulnerability of Cisco PIX software allows a malicious individual to trigger a service failure.

The vulnerability in Cisco PIX systems with open telnet or SSH ports allows attackers to induce service failures by attempting to connect to services at a very high frequency...

Vulnerability of Cisco Nexus 7000 software, allowing attackers to access confidential information

The GNU Bash command shell, as of version 4.3 bash43-025 and later, incorrectly handles lines that follow the declaration of a specially crafted function, which is exported as a variable. This allows a malicious actor to read and write arbitrary files, as well as perform other undefined actions...

The vulnerability of Cisco ACS software allows a malicious individual to execute arbitrary code.

The GNU Bash command shell, as of version 4.3 and later, incorrectly handles lines that follow the declaration of a function that is exported as a variable. This allows a malicious actor to execute arbitrary code by interfering with environment variables. Security researchers have confirmed that...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the SSH package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

The vulnerability of the Cisco IOS operating system, which allows a malicious actor to trigger a service failure

Cisco IOS software contains vulnerabilities in the Secure Shell SSH services and Cisco IOS XE software. When these services are operated, a “disruption of service” can be triggered by sending specially crafted SSH requests...

Cisco Integrated Services Routers IOS Denial of Service Vulnerability

Cisco IOS on Integrated Services Routers ISR is a set of operating systems from Cisco that run in the ISR series of routers. A security vulnerability exists in Cisco IOS on Cisco ISR that can be exploited by a remote attacker to cause a denial of service out of memory by connecting to the device...

Cisco IOS and Cisco IOS XE Software TCP Denial of Service Vulnerability

A vulnerability in the handling of remote TCP connections in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a partial denial of service DoS condition due to low memory. The vulnerability is due to the handling of out-of-order, or otherwise invalid, TC...

CVE-2016-2362

Fonality previously trixbox Pro 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which allows remote attackers to obtain access via a 1 FTP or 2 SSH connection...

Google Go Denial of Service Vulnerability

Google Go is a programming language optimized for programming applications on multiprocessor systems by Google. A denial of service vulnerability exists in the Verify function in the crypto/dsa/dsa.go file in Google Go versions prior to 1.5.4 and 1.6.x versions prior to 1.6.1, which stems from a...

SOL35424631 - OpenSSH vulnerability CVE-2016-1907

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-3.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

USN-2966-1: OpenSSH vulnerabilities

Shayan Sadigh discovered that OpenSSH incorrectly handled environment files when the UseLogin feature is enabled. A local attacker could use this issue to gain privileges. CVE-2015-8325 Ben Hawkes discovered that OpenSSH incorrectly handled certain network traffic. A remote attacker could possibl...

[SECURITY] Fedora 24 Update: gsi-openssh-7.2p2-2.fc24

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...

Libpam-sshauth Local Privilege Vulnerability

libpam-sshauth is a PAM module that can be used to authenticate users on a local computer by connecting to a remote server via ssh. A programming error in libpam-sshauth allows local attackers to exploit this vulnerability to gain root privileges...

[SECURITY] Fedora 22 Update: gsi-openssh-6.9p1-8.fc22

SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...