15 matches found
Siemens SIMATIC and SCALANCE Devices Missing Critical Step in Authentication (CVE-2023-51384)
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys. This plugin...
Netscaler OpenSSH CVEs
Netscaler OpenSSH CVEs CVE-2023-48795 CVE-2023-51384 CVE-2023-51385...
CBL Mariner 2.0 Security Update: openssh (CVE-2023-51384)
The version of openssh installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-51384 advisory. - In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When...
K000138825: OpenSSH vulnerability CVE-2023-51384
Security Advisory Description In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token...
USN-6565-1: OpenSSH vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibl...
Fedora: Security Advisory (FEDORA-2024-7e301327c2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-51384 affecting package openssh for versions less than 8.9p1-3
CVE-2023-51384 affecting package openssh for versions less than 8.9p1-3. A patched version of the package is available...
CVE-2023-51384
creationtimestamp| type| source ---|---|--- 2024-01-04 07:51:54+00:00| seen| https://t.me/ctinow/162809 2024-01-12 10:36:51+00:00| seen| https://t.me/ctinow/167186 2024-01-26 21:18:07+00:00| seen| https://t.me/arpsyndicate/3075 2024-07-01 14:30:24+00:00| seen|...
Ubuntu: Security Advisory (USN-6565-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenSSH vulnerabilities (USN-6565-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6565-1 advisory. It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand...
Debian DSA-5586-1 : openssh - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5586 advisory. Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to...
OpenBSD OpenSSH < 9.6 Multiple Vulnerabilities (Terrapin Attack)
OpenBSD OpenSSH is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...
AZL-35081 CVE-2023-51384 affecting package openssh for versions less than 9.7p1-1
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...
CVE-2023-51384
In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...
CVE-2023-51384
OpenSSH CVE-2023-51384 affects ssh-agent before 9.6: when adding PKCS#11-hosted private keys with destination constraints, constraints are only applied to the first key even if the token returns multiple keys. This can lead to incorrect constraint handling and potential disclosure of sensitive ma...