8 matches found
USN-8090-2 openssh vulnerabilities
USN-8090-1 fixed vulnerabilities in OpenSSH. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the...
MiracleLinux 8 : openssh-8.0p1-27.el8_10 (AXSA:2025-11617:08)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11617:08 advisory. openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand CVE-2025-61984 openssh: OpenSSH: Null character in...
EulerOS Virtualization 2.13.1 : openssh (EulerOS-SA-2025-2626)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources,...
Oracle Linux 9 : openssh (ELSA-2025-23480)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-23480 advisory. - CVE-2025-61984: Reject usernames with control characters Resolves: RHEL-128401 Tenable has extracted the preceding description block directly from t...
CentOS 9 : openssh-9.9p1-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the openssh-9.9p1-3.el9 build changelog. - Reject URL-strings with NULL characters CVE-2025-61985 - Reject usernames with control characters CVE-2025-61984 Note that Nessus has not...
EulerOS 2.0 SP13 : openssh (EulerOS-SA-2025-2526)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to...
SUSE-SU-2025:21161-1 Security update for openssh
This update for openssh fixes the following issues: - CVE-2025-61984: code execution via control characters in usernames when a ProxyCommand is used bsc1251198. - CVE-2025-61985: code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...
SUSE-SU-2025:4098-1 Security update for openssh8.4
This update for openssh8.4 fixes the following issues: - CVE-2025-61984: Fixed code execution via control characters in usernames when a ProxyCommand is used bsc1251198 - CVE-2025-61985: Fixed code execution via '\0' character in ssh:// URI when a ProxyCommand is used bsc1251199...