2265 matches found
Cisco TelePresence System t-shell Denial of Service Vulnerability
A vulnerability in the t-shell implementation of Cisco TelePresence System Software could allow an authenticated, remote attacker to exhaust the available memory and create a denial of service DoS condition. The vulnerability is due to improper handling of orphaned t-shell sessions. An attacker...
[SECURITY] Fedora 19 Update: gsi-openssh-6.1p1-5.fc19
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Code injection
The Secure Shell SSH implementation on Cisco Adaptive Security Appliances ASA devices, and in Cisco Firewall Services Module FWSM, does not properly terminate sessions, which allows remote attackers to cause a denial of service SSH service outage by repeatedly establishing SSH connections, aka Bu...
CVE-2013-1193
CVE-2013-1193 affects Cisco ASA and Cisco FWSM SSH handling, where improper termination of SSH sessions allows an attacker to cause a denial of service by repeatedly opening SSH connections. Public docs confirm the issue and reference Cisco advisory Cisco-SA-20130412-CVE-2013-1193; some sources a...
PT-2013-2960 · Cisco · Cisco Firewall Services Module +1
Name of the Vulnerable Software and Affected Versions: Cisco Adaptive Security Appliances ASA devices affected versions not specified Cisco Firewall Services Module FWSM affected versions not specified Description: The Secure Shell SSH implementation does not properly terminate sessions, allowing...
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in processing authentication requests. Hisashi Kojima and Masahiro Nakada of Fujits...
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability due to an issue in the processing directly after the SSH connection is established. Hisashi Kojima...
VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
Overview The SSH server IPSSH implementation in VxWorks contains a denial-of-service DoS vulnerability. The SSH server IPSSH implementation in VxWorks contains a denial-of-service vulnerability due to an issue in processing pty requests. Hisashi Kojima and Masahiro Nakada of Fujitsu Laboratories...
Scientific Linux Security Update : kexec-tools on SL6.x i386/x86_64
Kexec allows for booting a Linux kernel from the context of an already running kernel. Kdump used the SSH Secure Shell 'StrictHostKeyChecking=no' option when dumping to SSH targets, causing the target kdump server's SSH host key not to be checked. This could make it easier for a man-in-the-middle...
DEBIAN-CVE-2012-0920
Use-after-free vulnerability in Dropbear SSH Server 0.52 through 2012.54, when command restriction and public key authentication are enabled, allows remote authenticated users to execute arbitrary code and bypass command restrictions via multiple crafted command requests, related to "channels...
Sysax SSH Username Remote Code Execution
Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...
Sysax SSH Username Remote Code Execution
Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...
Sysax SSH Username Remote Code Execution
Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...
kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
The SSH configuration in the Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, disables the StrictHostKeyChecking option, which allows man-in-the-middle attackers to spoof kdump servers...
kexec-tools: Multiple security flaws by management of kdump core files and ramdisk images
The Red Hat mkdumprd script for kexec-tools, as distributed in the kexec-tools 1.x before 1.102pre-154 and 2.x before 2.0.0-209 packages in Red Hat Enterprise Linux, includes all of root's SSH private keys within a vmcore file, which allows context-dependent attackers to obtain sensitive...
IT-Grundschutz M5.064: Secure Shell
IT-Grundschutz M5.064: Secure Shell. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.95065 Diese Prüfung bezieht sich auf die 12. Ergänzungslieferung 12. EL des IT-...
IT-Grundschutz M5.064: Secure Shell
IT-Grundschutz M5.064: Secure Shell. ACHTUNG: Dieser Test wird nicht mehr unterstützt. Er wurde ersetzt durch den entsprechenden Test der nun permanent and die aktuelle EL angepasst wird: OID 1.3.6.1.4.1.25623.1.0.95065 Diese Prüfung bezieht sich auf die 12. Ergänzungslieferung 12. EL des IT-...
Multiple D-Link products vulnerable to buffer overflow
Overview Multiple D-Link products contain a buffer overflow vulnerability. Multiple D-Link products contain a buffer overflow vulnerability due to a SSH implementation issue. Hisashi Kojima, Masahiro Nakada of Fujitsu Laboratories Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated wit...
DEBIAN-CVE-2011-0766
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys...
PT-2011-2617 · Ericsson · Erlang/Otp
Name of the Vulnerable Software and Affected Versions: Crypto application versions prior to 2.0.2.2 SSH versions prior to 2.0.5 Erlang/OTP ssh library versions prior to R14B03 Description: The random number generator uses predictable seeds based on the current time, making it easier for remote...