43 matches found
OpenSSH 9.9p1 Denial of Service / Man-In-The-Middle Vulnerability
OpenSSH versions 6.8p1 to 9.9p1 contain a logic error that allow an on-path attacker a.k.a man-in-the-middle to impersonate any server when the VerifyHostKeyDNS option is enabled. This option is off by default. OpenSSH versions 9.5p1 to 9.9p1 are vulnerable to a memory/CPU denial of service relat...
OpenSSH 9.9p1 Denial of Service / Man-In-The-Middle
OpenSSH versions 6.8p1 to 9.9p1 contain a logic error that allow an on-path attacker a.k.a man-in-the-middle to impersonate any server when the VerifyHostKeyDNS option is enabled. This option is off by default. OpenSSH versions 9.5p1 to 9.9p1 are vulnerable to a memory/CPU denial of service relat...
PT-2025-7168
Name of the Vulnerable Software and Affected Versions OpenSSH versions 6.8p1 through 9.9p1 Description A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled, allowing a machine-in-the-middle attack to be performed by a malicious machine impersonating a legitimate server...