48 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-6092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC. CVE-2026-6092 Note that...
EUVD-2026-39573
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
CVE-2026-6092
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
DEBIAN-CVE-2026-6092
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
UBUNTU-CVE-2026-6092
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
CVE-2026-6092
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
CVE-2026-6092
CVE-2026-6092 describes a behavioural fallback issue when HAVE_ENCRYPT_THEN_MAC is configured: the implementation could fall back to MAC-then-Encrypt instead of Encrypt-then-MAC. The connected documents reiterate this description across multiple sources (NVD, ENISA EUVD, Debian security tracker, ...
CVE-2026-6092 Encrypt-then-MAC could fall back to MAC-then-Encrypt when HAVE_ENCRYPT_THEN_MAC is configured
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
CVE-2026-6092
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
CVE-2026-6092
When HAVEENCRYPTTHENMAC is configured, the implementation could fall back to MAC-then-Encrypt rather than enforcing Encrypt-then-MAC...
PT-2026-52600
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description When HAVE ENCRYPT THEN MAC is configured, the implementation may incorrectly fall back to MAC-then-Encrypt instead of enforcing the Encrypt-then-MAC sequence...
EUVD-2017-12850
Malware in sbrugna...
Astra Linux – Vulnerabilities in libpod, Erlang, Paramiko
The SSH transport protocol, with certain OpenSSH extensions, found in OpenSSH versions prior to 9.6 and other products, allows remote attackers to bypass integrity checks. As a result, some packets may be omitted from the extension negotiation message. Consequently, the client and server may end ...
Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2024-1773)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1533)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1552)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for proftpd (EulerOS-SA-2024-1345)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OESA-2024-1104 libssh security update
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
OESA-2024-1081 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...
OESA-2024-1066 openssh security update
OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...