69 matches found
openSUSE Security Advisory (SUSE-SU-2024:0057-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 / 9 : OpenShift Container Platform 4.15.0 (RHSA-2023:7201)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7201 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
SUSE SLED15: bouncycastle / bouncycastle-javadoc / bouncycastle-jmail / etc (SUSE-SU-2024:0327-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. - Updated jsch to version 0.2.15: - CVE-2023-48795: Fixed a prefix truncation issue that could lead to...
SUSE: Security Advisory (SUSE-SU-2024:0327-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:0327-1 Security update for bouncycastle, jsch
This update for bouncycastle, jsch fixes the following issues: - Updated jsch to version 0.2.15: - CVE-2023-48795: Fixed a prefix truncation issue that could lead to disclosure of sensitive information bsc1218134. - Updated bouncycastle to version 1.77...
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2
CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2. A patched version of the package is available...
Debian dla-3719 : php-seclib - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3719 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3719-1 [email protected] https://www.debian.org/lts/security/...
Fedora 39 : golang-x-crypto (2024-7b08207cdb)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-7b08207cdb advisory. Update golang-x-crypto to v0.18.0, fix for CVE-2023-48795 Tenable has extracted the preceding description block directly from the Fedora security...
Ubuntu 16.04 ESM / 18.04 ESM : OpenSSH vulnerabilities (USN-6560-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-2 advisory. USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
SUSE: Security Advisory (SUSE-SU-2024:0057-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2024:0057-1 Security update for eclipse-jgit, jsch
This update for eclipse-jgit, jsch fixes the following issues: Security fix: - CVE-2023-4759: Fixed an arbitrary file overwrite which might have occurred with a specially crafted git repository and a case-insensitive filesystem. bsc1215298 Other fixes: jsch was updated to version 0.2.9: - Added...
FreeBSD : putty -- add protocol extension against 'Terrapin attack' (91955195-9ebb-11ee-bc14-a703705db3a6)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 91955195-9ebb-11ee-bc14-a703705db3a6 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...
Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current proftpd Vulnerability (SSA:2023-354-01)
The version of proftpd installed on the remote host is prior to 1.3.8b. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-354-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : OpenSSH vulnerabilities (USN-6560-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6560-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If...
AZL-32259 CVE-2023-48795 affecting package jsch for versions less than 0.1.55-2
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...
AZL-36944 CVE-2023-48795 affecting package jsch 0.1.55-3
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...
Security Bulletin: ITCAM for Transactions affected by the Security vulnerability CVE-2016-5725 found in jsch-0.1.40.jar
Summary IBM Tivoli Composite Application Manager ITCAM for Transactions - Transaction Tracking has addressed the following jsch-0.1.40.jar vulnerability and updated jsch.jar from version 0.1.40 to 0.1.55 Vulnerability Details CVEID:CVE-2016-5725 DESCRIPTION: JSch could allow a remote attacker to...
Debian: Security Advisory (DLA-611-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2016-5725
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ dot dot backslash in a response to a recursive GET command...
new packages: jsch
An update is available for jsch. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...