Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.48 views

RHEL 5 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: MaxAuthTries limit bypass via duplicates in KbdInteractiveDevices CVE-2015-5600 - openssh:...

9.8CVSS7.2AI score0.98631EPSS
Exploits63References18
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.36 views

SUSE: Security Advisory (SUSE-SU-2016:2555-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.88944EPSS
Exploits30References16
IBM Security Bulletins
IBM Security Bulletins
added 2019/12/18 2:26 p.m.52 views

Security Bulletin: Vulnerabilities in OpenSSH affect IBM i (CVE-2016-1907, CVE-2016-1908, CVE-2016-3115)

Summary OpenSSH vulnerabilities affect IBM i. IBM i has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-3115 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied X11...

9.8CVSS2.7AI score0.37016EPSS
Exploits13Affected Software1
Debian
Debian
added 2018/09/12 8:2 p.m.56 views

[SECURITY] [DLA 1500-2] openssh regression update

Package : openssh Version : 1:6.7p1-5+deb8u7 Debian Bug : 908652 The security update of OpenSSH announced as DLA 1500-1 introduced a bug in openssh-client: when X11 forwarding is enabled via system-wide configuration in sshconfig or via -X command line switch, but no DISPLAY is set, the client...

9.8CVSS6.8AI score0.13736EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/09/12 12:0 a.m.118 views

Debian DLA-1500-2 : openssh regression update

The security update of OpenSSH announced as DLA 1500-1 introduced a bug in openssh-client: when X11 forwarding is enabled via system-wide configuration in sshconfig or via -X command line switch, but no DISPLAY is set, the client produces a 'DISPLAY 'null' invalid; disabling X11 forwarding'...

9.8CVSS6.8AI score0.13736EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.49 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in OpenSSH (CVE-2016-3115, CVE-2016-1908)

Summary Vulnerabilities have been identified in OpenSSH. IBM Security Access Manager for Mobile uses OpenSSH and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3115 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the...

9.8CVSS9.4AI score0.37016EPSS
Exploits13Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.50 views

Security Bulletin: IBM Security Access Manager for Web is affected by vulnerabilities in OpenSSH (CVE-2016-3115, CVE-2016-1908)

Summary Vulnerabilities have been identified in OpenSSH. IBM Security Access Manager for Web uses OpenSSH and is affected by these vulnerabilities. Vulnerability Details CVEID: CVE-2016-3115 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary commands on the...

9.8CVSS2.1AI score0.37016EPSS
Exploits13Affected Software1
OSV
OSV
added 2017/04/11 6:59 p.m.5 views

DEBIAN-CVE-2016-1908

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging configuration issues ...

9.8CVSS6.8AI score0.13736EPSS
Exploits0References1
CVE
CVE
added 2017/04/11 12:0 a.m.2260 views

CVE-2016-1908

OpenSSH CVE-2016-1908 affects the OpenSSH client before 7.2, where cookie generation for untrusted X11 forwarding can be mishandled when the local X server lacks the SECURITY extension. This could allow remote X11 clients to trigger a fallback to trusted forwarding, bypassing intended access cont...

9.8CVSS9AI score0.13736EPSS
Exploits0References12Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/06/17 12:0 a.m.286 views

SUSE SLES11 Security Update : openssh (SUSE-SU-2016:1528-1)

openssh was updated to fix three security issues. These security issues were fixed : - CVE-2016-3115: Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH allowed remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related t...

9.8CVSS7AI score0.37016EPSS
Exploits13References17
Tenable Nessus
Tenable Nessus
added 2016/06/09 12:0 a.m.57 views

Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20160510)

Security Fixes : - It was found that the OpenSSH client did not properly enforce the ForwardX11Timeout setting. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the local X server, even if only untrusted X11 forwarding was requested...

9.8CVSS6.8AI score0.13736EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2016/06/01 12:0 a.m.58 views

openSUSE Security Update : openssh (openSUSE-2016-668)

This update for OpenSSH fixes three security issues. These security issues were fixed : - CVE-2016-3115: Sanitise input for xauth1 bsc970632 - CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections bsc962313 - CVE-2015-8325: Ignore PAM environment when using login...

9.8CVSS7AI score0.37016EPSS
Exploits13References15
Tenable Nessus
Tenable Nessus
added 2016/05/25 12:0 a.m.68 views

SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2016:1386-1)

This update for OpenSSH fixes three security issues. These security issues were fixed : - CVE-2016-3115: Sanitise input for xauth1 bsc970632 - CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections bsc962313 - CVE-2015-8325: Ignore PAM environment when using login...

9.8CVSS7AI score0.37016EPSS
Exploits13References19
OSV
OSV
added 2016/05/23 3:4 p.m.11 views

SUSE-SU-2016:1386-1 Security update for openssh

This update for OpenSSH fixes three security issues. These security issues were fixed: - CVE-2016-3115: Sanitise input for xauth1 bsc970632 - CVE-2016-1908: Prevent X11 SECURITY circumvention when forwarding X11 connections bsc962313 - CVE-2015-8325: Ignore PAM environment when using login...

9.8CVSS7.2AI score0.37016EPSS
Exploits13References16
Cent OS
Cent OS
added 2016/05/16 10:19 a.m.430 views

openssh, pam_ssh_agent_auth security update

CentOS Errata and Security Advisory CESA-2016:0741 An update for openssh is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

9.8CVSS7AI score0.13736EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2016/05/11 12:0 a.m.60 views

RedHat Update for openssh RHSA-2016:0741-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.6AI score0.13736EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2016/05/10 12:0 a.m.53 views

Ubuntu: Security Advisory (USN-2966-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.37016EPSS
Exploits13References2
Amazon
Amazon
added 2016/03/29 12:0 a.m.60 views

Medium: openssh

Issue Overview: An access flaw was discovered in the OpenSSH client where it did not correctly handle failures to generate authentication cookies for untrusted X11 forwarding. A malicious or compromised remote X application could possibly use this flaw to establish a trusted connection to the loc...

9.8CVSS7.8AI score0.13736EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/03/23 12:0 a.m.43 views

Oracle: Security Advisory (ELSA-2016-0465)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.2AI score0.37016EPSS
Exploits13References2
Tenable Nessus
Tenable Nessus
added 2016/03/22 12:0 a.m.64 views

Oracle Linux 7 : openssh (ELSA-2016-0465)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0465 advisory. - CVE-2016-1908: possible fallback from untrusted to trusted X11 forwarding 1298741 Tenable has extracted the preceding description block directly from...

9.8CVSS7.2AI score0.37016EPSS
Exploits13References3
Rows per page
Query Builder