OpenSSH: OpenSSH: Information disclosure due to unintended cryptographic algorithm usage

A flaw was found in OpenSSH. This vulnerability allows the system to use unintended Elliptic Curve Digital Signature Algorithm ECDSA algorithms. This occurs because the configuration for accepted public key algorithms is misinterpreted, leading to the use of weaker cryptographic methods than...

OpenSSH: OpenSSH: Low integrity impact from unconfirmed proxy-mode multiplexing sessions

A flaw was found in OpenSSH. This vulnerability allows for a low integrity impact due to the omission of connection multiplexing confirmation for proxy-mode multiplexing sessions. A local user, under specific and complex conditions requiring user interaction, could potentially establish a...

PT-2023-4594 · Ibm · Vios +1

Name of the Vulnerable Software and Affected Versions: IBM AIX versions 7.2 through 7.3 VIOS version 3.1 Description: The issue is related to improper access controls in the OpenSSH implementation, which could allow a non-privileged local user to access files outside of those allowed. This could...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Sophos Unified_Threat_Management_Software

SSHTron SSHTron is a multiplayer lightcycle game that runs through SSH. 通过下面命令连接到游戏: $ ssh 192.168.1.111:2022 Controls: WASD or vim keybindings to move do not use your arrow keys. Escape or Ctrl+C to exit. Want to choose color yourself? 有7种颜色可供选择: Red, Green, Yellow, Blue, Magenta, Cyan and White...

openssh: failure to check DNS SSHFP records in certain scenarios

It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip the DNS SSHFP record check and require the user to perform manual host verification of the DNS SSHFP record...