Lucene search
K

5 matches found

OpenVAS
OpenVAS
added 2021/05/27 12:0 a.m.25 views

OpenSSH < 4.7 Improper Authentication Vulnerabilities

OpenSSH is prone to multiple improper authentication vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5CVSS6.6AI score0.08654EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2013/02/21 12:0 a.m.118 views

SOL14228 - OpenSSH vulnerability CVE-2007-2243

Recommended Action None Supplemental Information CVE-2007-2243 SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...

5CVSS9.3AI score0.02472EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2011/08/29 12:0 a.m.3637 views

SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure

The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...

10CVSS7.1AI score0.76751EPSS
Exploits31References51
Prion
Prion
added 2007/05/21 8:30 p.m.20 views

Design/Logic Flaw

OpenSSH, when using OPIE One-Time Passwords in Everything for PAM, allows remote attackers to determine the existence of certain user accounts, which displays a different response if the user account exists and is configured to use one-time passwords OTP, a similar issue to CVE-2007-2243...

4.3CVSS6.6AI score0.08654EPSS
Exploits1References3
CVE
CVE
added 2007/04/25 4:0 p.m.813 views

CVE-2007-2243

OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, displaying a different response if the account exists (similar to CVE-2001-1483).

5CVSS9.4AI score0.02472EPSS
Exploits1References7Affected Software1
Rows per page
Query Builder