Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.50 views

FileZilla < 3.67.0 Insecure Key Recovery Vulnerability (CVE-2024-31497)

The FileZilla application installed on the remote host is prior to 3.67.0. It is, therefore, affected by a key recovery vulnerability where biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. Note that Nessu...

5.9CVSS7.2AI score0.05773EPSS
Exploits0References2
Debian
Debian
added 2024/06/20 6:20 p.m.22 views

[SECURITY] [DLA 3839-1] putty security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3839-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès June 20, 2024 https://wiki.debian.org/LTS -...

5.9CVSS6.3AI score0.05773EPSS
Exploits0
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.14 views

Fedora: Security Advisory for putty (FEDORA-2024-08a4a5ead8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.8AI score0.05773EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.10 views

Fedora: Security Advisory (FEDORA-2024-cba85cc558)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.9AI score0.05773EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2024/05/27 12:0 a.m.17 views

Fedora: Security Advisory for libfilezilla (FEDORA-2024-ff9a2fb31c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.9AI score0.05773EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/04/25 12:0 a.m.23 views

Fedora 38 : filezilla / libfilezilla (2024-0489e7ba1e)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-0489e7ba1e advisory. Fix for CVE-2024-31497 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

5.9CVSS7.7AI score0.05773EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/04/20 12:0 a.m.17 views

openSUSE Security Advisory (openSUSE-SU-2024:0111-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS5.9AI score0.05773EPSS
Exploits0References2
OSV
OSV
added 2024/04/19 12:53 p.m.9 views

OPENSUSE-SU-2024:0111-1 Security update for putty

This update for putty fixes the following issues: Update to release 0.81 Fix CVE-2024-31497: NIST P521 / ecdsa-sha2-nistp521 signatures are no longer generated with biased values of k. The previous bias compromises private keys...

5.9CVSS6.7AI score0.05773EPSS
Exploits0References2
OPENSUSE Linux
OPENSUSE Linux
added 2024/04/19 12:0 a.m.7 views

Security update for putty (important)

openSUSE Security Update: Security update for putty Announcement ID: openSUSE-SU-2024:0111-1 Rating: important References: Cross-References: CVE-2024-31497 Affected Products: openSUSE Backports SLE-15-SP5 An update that fixes one vulnerability is now available. Description: This update for putty...

5.9CVSS7.2AI score0.05773EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/04/16 11:14 a.m.89 views

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

The maintainers of the PuTTY Secure Shell SSH and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521 ecdsa-sha2-nistp521 private keys. The flaw has been assigned the CVE identifier...

6.1AI score0.05773EPSS
Exploits0
Circl
Circl
added 2024/04/16 8:46 a.m.31 views

CVE-2024-31497

creationtimestamp| type| source ---|---|--- 2024-04-16 08:46:23+00:00| seen| https://t.me/habrcomnews/26965 2024-04-16 14:06:21+00:00| seen| https://t.me/KomunitiSiber/1793 2024-04-16 14:12:39+00:00| seen| https://t.me/RedTeamFeed/267 2024-04-16 14:49:01+00:00| seen|...

5.9CVSS6.8AI score0.05773EPSS
Exploits0References37
Tenable Nessus
Tenable Nessus
added 2024/04/16 12:0 a.m.46 views

FreeBSD : PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key (080936ba-fbb7-11ee-abc8-6960f2492b1d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 080936ba-fbb7-11ee-abc8-6960f2492b1d advisory. - In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a...

5.9CVSS7.7AI score0.05773EPSS
Exploits0References7
Kaspersky
Kaspersky
added 2024/04/16 12:0 a.m.19 views

KLA73523 OSI vulnerability in WinSCP

Information disclosure vulnerability was found in WinSCP. Malicious users can exploit this vulnerability to obtain sensitive information, bypass security restrictions. Original advisories Changes in WinSCP 6.3.3 Exploitation Public exploits exist for this vulnerability. Related products WinSCP CV...

5.9CVSS5.9AI score0.05773EPSS
Exploits0References3
Kaspersky
Kaspersky
added 2024/04/15 12:0 a.m.25 views

KLA65600 OSI vulnerability in FileZilla

Information disclosure vulnerability was found in FileZilla. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories oss-security – CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client Exploitation...

5.9CVSS5.8AI score0.05773EPSS
Exploits0References4
Rows per page
Query Builder