Lucene search
K

6 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:55 a.m.4 views

SUSE CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

9.8CVSS6.8AI score0.04242EPSS
Exploits1References3
F5 Networks
F5 Networks
added 2023/01/04 4:53 p.m.212 views

K14317: OpenSSH J-PAKE vulnerability CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate. F5 products do not include J-PAKE in the OpenSSH programs a...

9.8CVSS6.6AI score0.04242EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/05/12 12:0 a.m.198 views

GLSA-201405-06 : OpenSSH: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201405-06 OpenSSH: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenSSH. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could execute arbitrary code, cause a...

9.8CVSS7.1AI score0.1651EPSS
Exploits7References8
F5 Networks
F5 Networks
added 2013/03/27 12:0 a.m.196 views

SOL14317 - OpenSSH J-PAKE vulnerability CVE-2010-4478

Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy...

7.5CVSS3.3AI score0.04242EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2010/12/06 10:0 p.m.5 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

6.8AI score0.04242EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2010/12/06 10:0 p.m.176 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

9.8CVSS7.1AI score0.04242EPSS
Exploits1
Rows per page
Query Builder