Debian DSA-717-1 : lsh-utils - buffer overflow, typo

Several security relevant problems have been discovered in lsh, the alternative secure shell v2 SSH2 protocol server. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2003-0826 Bennett Todd discovered a heap buffer overflow in lshd which could lead...

CVE-2005-1021

CVE-2005-1021 concerns a memory leak in Cisco IOS SSH when TACACS+ is used for authentication (IOS 12.0–12.3). The vulnerability can permit remote attackers to cause denial of service via memory exhaustion during login. Related references describe two DoS variants for Cisco IOS SSH with TACACS+ a...

Vulnerabilities in Cisco IOS Secure Shell Server

Certain release trains of Cisco Internetwork Operating System IOS®, when configured to use the IOS Secure Shell SSH server in combination with Terminal Access Controller Access Control System Plus TACACS+ as a means to perform remote management tasks on IOS devices, may contain two vulnerabilitie...

Cisco IOS Secure Shell Server TACACS+ Multiple DoS (CSCed65778, CSCed65285)

The remote version of IOS has the ability to enable an SSH server to let the administrators connect to the remote device. There is an implementation flaw in the remote version of this software which may allow an attacker to cause a resource starvation on the remote device, thus preventing it from...

CVE-2002-1644

The CVE-2002-1644 entry describes a local privilege-escalation flaw in SSH Secure Shell for Servers and SSH Secure Shell for Workstations, version 2.0.13 through 3.2.1, when run without a PTY. The root cause is that the process does not call setsid to detach the child from the parent’s process gr...

CVE-2002-1645

The CVE-2002-1645 entry concerns SSH Secure Shell for Workstations client versions 3.1 to 3.2.0 with a buffer overflow in the URL catcher feature. The vulnerability allows remote attackers to execute arbitrary code by supplying a long URL. The root cause is a flaw in handling long URLs in the URL...

CVE-2002-1646

SSH Secure Shell for Servers versions 3.0.0–3.1.1 allow remote attackers to override AllowedAuthentications, permitting password or other less secure authentication schemes instead of those configured. This can enable unauthorized access via password-based authentication as described in multiple ...

CVE-2002-1644

SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges...

CVE-2002-1646

SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes e.g. password than configured for the server...

LSH lshd secure shell server DoS

No description provided...

CVE-2003-1119

SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets...

CVE-2003-1119

SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets...

CVE-2004-1357

The Secure Shell SSH Daemon SSHD in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities...

SUSE-SA:2003:039: openssh (second release)

The remote host is missing the patch for the advisory SUSE-SA:2003:039 openssh second release. The openssh package is the most widely used implementation of the secure shell protocol family ssh. It provides a set of network connectivity tools for remote shell login, designed to substitute the...

PT-2004-1607 · Apple · Apple Macos +1

Name of the Vulnerable Software and Affected Versions: Safari versions prior to 10.3.3 on Mac OS Description: The issue concerns an argument injection vulnerability in the SSH URI handler for Safari. This vulnerability allows remote attackers to execute arbitrary code via the ProxyCommand option ...

PT-2004-1550 · Kde +1 · Konqueror +2

Name of the Vulnerable Software and Affected Versions: KDE versions 3.2.2 and earlier Description: The issue is related to the URI handlers in Konqueror, which do not properly filter "-" characters that begin a hostname in certain URIs, such as telnet, rlogin, ssh, or mailto. This allows remote...

CVE-2004-1357

The Secure Shell SSH Daemon SSHD in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities...

CVE-2003-1119

SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets...

KLA10314 DoS vulnerability in SSH Secure Shell

An unspecified vulnerability was found in SSH Secure Shell. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via specially designed packets. Original advisories - Related products SSH-Secure-Shell-for-Workstations CVE list...

SSH Communications Secure Shell vulnerable to DoS via malformed BER/DER packet

Overview SSH Communications' Secure Shell contains vulnerabilities in ASN.1 libraries that may allow remote attackers to cause a denial-of-service situation, or potentially execute arbitrary code on the server. Description SSH Communications' Secure Shell contains a vulnerability in the decoding ...