Lucene search
K

11 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:41 p.m.22 views

Security Bulletin: IBM Security Proventia Network Active Bypass is affected by vulnerabilities in OpenSSH (CVE-2013-4548)

Summary Security vulnerabilities have been discovered in OpenSSH. Vulnerability Details CVE-ID: CVE-2013-4548 DESCRIPTION: A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher [email protected] or [email protected] is selected during ke...

6CVSS0.9AI score0.0267EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.21 views

openSUSE Security Update : openssh (openSUSE-SU-2013:1726-1)

openssh was updated to fix a memory corruption when AES-GCM is used which could lead to remote code execution after successful authentication. CVE-2013-4548 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

6CVSS8.4AI score0.0267EPSS
Exploits1References3
seebug.org
seebug.org
added 2014/02/26 12:0 a.m.147 views

IBM AIX/Virtual I/O Server OpenSSH AES-GCM密文特权提升漏洞

CVE ID:CVE-2013-4548 IBM AIX是一款商业性质的操作系统。 IBM AIX / Virtual I/O Server包含的OpenSSH存在安全漏洞密钥交换过程中选择AES-GCM密文存在错误,允许恶意本地用户利用漏洞提升权限。 0 IBM AIX 5.x IBM AIX 6.x IBM AIX 7.x IBM Virtual I/O Server VIOS 1.x IBM Virtual I/O Server VIOS 2.x 厂商补丁: IBM ----- 用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞:...

6CVSS6.5AI score0.0267EPSS
Exploits1
IBM AIX
IBM AIX
added 2014/02/21 11:19 a.m.74 views

AIX OpenSSH Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IBM SECURITY ADVISORY First Issued: Fri Feb 21 11:19:24 CDT 2014 | Updated: Wed Apr 16 17:55:12 CDT 2014 | Update: Clarified the affected OpenSSH version The most recent version of this document is available here:...

6CVSS5.9AI score0.0267EPSS
Exploits1
OpenVAS
OpenVAS
added 2013/12/10 12:0 a.m.22 views

openSUSE: Security Advisory for openssh (openSUSE-SU-2013:1726-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6CVSS7.8AI score0.0267EPSS
Exploits1References1
ALT Linux
ALT Linux
added 2013/12/09 12:0 a.m.22 views

Security fix for the ALT Linux 7 package openssh version 5.9p1-alt7

5.9p1-alt7 built Dec. 9, 2013 Dmitry V. Levin in task 110259 Nov. 8, 2013 Dmitry V. Levin - sshd: applied upstream initialization fix CVE-2013-4548...

6CVSS6.2AI score0.0267EPSS
Exploits1
OPENSUSE Linux
OPENSUSE Linux
added 2013/11/18 1:5 p.m.29 views

openssh: security fix for remote code execution with AES-GCM (important)

openssh was updated to fix a memory corruption when AES-GCM is used which could lead to remote code execution after successful authentication. CVE-2013-4548...

6CVSS2.6AI score0.0267EPSS
Exploits1References1
Debian
Debian
added 2013/11/12 4:16 p.m.26 views

[BSA-087] Security Update for openssh

Colin Watson uploaded new packages for openssh which fixed the following security problems: CVE-2013-4548 A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher [email protected] or [email protected] is selected during kex exchange. If...

6CVSS7.5AI score0.0267EPSS
Exploits1
CVE
CVE
added 2013/11/08 3:0 p.m.252 views

CVE-2013-4548

CVE-2013-4548 affects OpenSSH sshd 6.2/6.3 when using AES-GCM. The bug is in mm_newkeys_from_blob (monitor_wrap.c) where memory for a MAC context isn’t initialized, allowing remote authenticated users to bypass ForceCommand and login-shell restrictions via crafted packet data. Several connected s...

6CVSS6AI score0.0267EPSS
Exploits1References5Affected Software1
UbuntuCve
UbuntuCve
added 2013/11/08 12:0 a.m.22 views

CVE-2013-4548

The mmnewkeysfromblob function in monitorwrap.c in sshd in OpenSSH 6.2 and 6.3, when an AES-GCM cipher is used, does not properly initialize memory for a MAC context data structure, which allows remote authenticated users to bypass intended ForceCommand and login-shell restrictions via packet dat...

6CVSS7.2AI score0.0267EPSS
Exploits1References3
ALT Linux
ALT Linux
added 2013/11/08 12:0 a.m.42 views

Security fix for the ALT Linux 8 package openssh version 5.9p1-alt7

Nov. 8, 2013 Dmitry V. Levin 5.9p1-alt7 - sshd: applied upstream initialization fix CVE-2013-4548...

6CVSS6.2AI score0.0267EPSS
Exploits1
Rows per page
Query Builder