3 matches found
CVE-2019-19752
nvOC through 3.2 ships with SSH host keys baked into the installation image, which allows man-in-the-middle attacks and makes identification of all public IPv4 nodes trivial with Shodan.io. NOTE: as of 2019-12-01, the vendor indicated plans to fix this in the next image build...
nvOC 安全漏洞
nvOC is a low-rate narrowband speech coding scheme from the individual developers at Payam Nab. A security vulnerability exists in nvOC 3.2 and earlier versions, which stems from the inclusion of an SSH host key in the included installation image, leading to the existence of a security...
CVE-2019-19752
CVE-2019-19752 affects nvOC up to version 3.2, where SSH host keys are baked into the installation image. This enables man-in-the-middle attacks and could make identifying public IPv4 nodes trivial via Shodan. Public Red Hat advisory confirms the issue and notes the vendor planned a fix in the ne...