Lucene search
K

34 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2014-2653

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The verifyhostkey function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by...

6.5CVSS6.8AI score0.01988EPSS
Exploits1References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.4 views

SUSE CVE-2014-2653

The verifyhostkey function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate...

6.5CVSS8AI score0.01988EPSS
Exploits1References7
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/25 4:46 p.m.34 views

Security Bulletin: Vulnerabilities in Open Secure Shell for GPFS V3.5 on Windows (CVE-2014-2653, CVE-2014-2532)

Summary Security vulnerabilities have been identified in the level of OpenSSH that is currently shipped with GPFS V3.5.0.11, or later, on Windows. The current level of OpenSSH could allow a remote attacker to bypass security restrictions caused by: - CVE-2014-2653 an error in the SSH client when...

5.8CVSS6AI score0.04751EPSS
Exploits2Affected Software1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2014:0818-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.6AI score0.04751EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 1:35 a.m.56 views

Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)

Summary Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details Abstract Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II IMM2. Vulnerability Details CVE-ID: CVE-2014-2653...

6.8CVSS0.8AI score0.51436EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2016/06/15 12:0 a.m.36 views

F5 Networks BIG-IP : OpenSSH vulnerabilities (K15780)

CVE-2014-2653 The verifyhostkey function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate. CVE-2014-2532 sshd in OpenSSH before 6.6 does not properly support wildcards on...

6.5CVSS6.6AI score0.04751EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.29 views

Oracle: Security Advisory (ELSA-2015-0425)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.7AI score0.01988EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/10/06 12:0 a.m.26 views

Oracle: Security Advisory (ELSA-2014-1552)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.9AI score0.04751EPSS
Exploits2References2
securityvulns
securityvulns
added 2015/08/02 12:0 a.m.115 views

FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:16.openssh Security Advisory The FreeBSD Project Topic: OpenSSH multiple vulnerabilities Category: contrib Module: openssh Announced: 2015-07-28, revised on...

8.5CVSS6.1AI score0.09302EPSS
Exploits2
FreeBSD Advisory
FreeBSD Advisory
added 2015/07/28 12:0 a.m.32 views

FreeBSD-SA-15:16.openssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:16.openssh Security Advisory The FreeBSD Project Topic: OpenSSH multiple vulnerabilities Category: contrib Module: openssh Announced: 2015-07-28, revised on...

8.5CVSS6.8AI score0.09302EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.34 views

Mandriva Linux Security Advisory : openssh (MDVSA-2015:095)

Updated openssh packages fix security vulnerabilities : sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshdconfig, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character CVE-2014-2532...

6.5CVSS6.6AI score0.04751EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2015/03/18 12:0 a.m.67 views

CentOS 7 : openssh (CESA-2015:0425)

Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.5CVSS6.8AI score0.01988EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2015/03/10 12:0 a.m.39 views

Oracle Linux 7 : openssh (ELSA-2015-0425)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0425 advisory. - add new option GSSAPIEnablek5users and disable using /.k5users by default CVE-2014-9278 1169843 - prevent a server from skipping SSHFP lookup -...

6.5CVSS6.7AI score0.01988EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/03/06 12:0 a.m.44 views

RedHat Update for openssh RHSA-2015:0425-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS5.6AI score0.01988EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2014/11/12 12:0 a.m.71 views

CentOS 6 : openssh (CESA-2014:1552)

Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

6.5CVSS6.5AI score0.04751EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2014/10/23 12:0 a.m.205 views

OpenSSH SSHFP Record Verification Weakness

According to its banner, the version of OpenSSH running on the remote host is 6.1 through 6.6. It is, therefore, affected by a host verification bypass vulnerability related to SSHFP and certificates that could allow a malicious SSH server to cause the supplied client to inappropriately trust the...

6.5CVSS6.5AI score0.01988EPSS
Exploits1References4
Slackware Linux
Slackware Linux
added 2014/10/20 10:50 p.m.38 views

[slackware-security] openssh

New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssh-6.7p1-i486-1slack14.1.txz: Upgraded. This update fixes a security issue that allows remote servers...

6.5CVSS6AI score0.01988EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/10/17 12:0 a.m.41 views

Oracle Linux 6 : openssh (ELSA-2014-1552)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-1552 advisory. - prevent a server from skipping SSHFP lookup 1081338 CVE-2014-2653 - ignore environment variables with embedded '=' or '\0' characters CVE-2014-2532...

6.5CVSS6.7AI score0.04751EPSS
Exploits2References3
Oracle linux
Oracle linux
added 2014/10/15 12:0 a.m.97 views

openssh security, bug fix, and enhancement update

5.3p1-104 - ignore SIGXFSZ in postauth monitor child 1133906 5.3p1-103 - don't try to generate DSA keys in the init script in FIPS mode 1118735 5.3p1-102 - ignore SIGPIPE in ssh-keyscan 1108836 5.3p1-101 - ssh-add: fix fatal exit when removing card 1042519 5.3p1-100 - fix race in backported...

5.8CVSS0.9AI score0.04751EPSS
Exploits2
Amazon
Amazon
added 2014/07/09 12:0 a.m.44 views

Medium: openssh

Issue Overview: sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshdconfig, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. The verifyhostkey function in sshconnect.c in the...

5.8CVSS7.1AI score0.04751EPSS
Exploits2
Rows per page
Query Builder