20 matches found
Siemens SIMATIC S7-1500 Missing Encryption of Sensitive Data (CVE-2023-28531)
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...
TencentOS Server 4: openssh (TSSA-2024:0951)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0951 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
CBL Mariner 2.0 Security Update: openssh (CVE-2023-28531)
The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-28531 advisory. - ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination...
CVE-2023-28531 affecting package openssh for versions less than 8.9p1-5
CVE-2023-28531 affecting package openssh for versions less than 8.9p1-5. A patched version of the package is available...
USN-6560-1: OpenSSH vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension...
Debian DSA-5586-1 : openssh - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5586 advisory. Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to...
Ubuntu: Security Advisory (USN-6560-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-6560-1: OpenSSH vulnerabilities
Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenSSH vulnerabilities (USN-6560-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If...
FreeBSD : FreeBSD -- ssh-add does not honor per-hop destination constraints (e31a8f8e-47bf-11ee-8e38-002590c1f29c)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e31a8f8e-47bf-11ee-8e38-002590c1f29c advisory. - ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destinati...
GLSA-202307-01 : OpenSSH: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202307-01 OpenSSH: Remote Code Execution - OpenSSH server sshd 9.1 introduced a double-free vulnerability during options.kexalgorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated...
CVE-2023-28531 affecting package openssh 8.9p1-1
CVE-2023-28531 affecting package openssh 8.9p1-1. A patched version of the package is available...
K000133517: OpenSSH vulnerability CVE-2023-28531
Security Advisory Description ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9. CVE-2023-28531 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory...
SUSE CVE-2023-28531
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...
CVE-2023-28531
creationtimestamp| type| source ---|---|--- 2023-03-17 06:31:14+00:00| seen| https://t.me/cibsecurity/60220 2024-01-26 23:00:49+00:00| seen| https://t.me/arpsyndicate/3105 2025-04-01 08:49:50+00:00| published-proof-of-concept| https://t.me/MalaysiaHacktivistz/2962 2025-04-01 08:49:50+00:00|...
CVE-2023-28531
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...
CVE-2023-28531
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...
CVE-2023-28531
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...
CVE-2023-28531
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9...
CVE-2023-28531
CVE-2023-28531 affects OpenSSH: ssh-add adds smartcard keys to ssh-agent without the intended per‑hop destination constraints, starting from OpenSSH up to version 9.2.x and earliest affected 8.9. The issue is resolved in OpenSSH 9.3 and later. Remediation is upgrading to 9.3+ (or the distro patch...