31 matches found
Astra Linux - уязвимость в openssh
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...
EUVD-2012-5941
Malware in sbrugna...
[SECURITY] Fedora 41 Update: openssh-9.9p1-4.fc41
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Qualys TRU Discovers Two Vulnerabilities in OpenSSH: CVE-2025-26465 & CVE-2025-26466
The Qualys Threat Research Unit TRU has identified two vulnerabilities in OpenSSH. The first, tracked as CVE-2025-26465, allows an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is enabled. The second, CVE-2025-26466, affects both the OpenSSH client and...
Debian dsa-5868 : openssh-client - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5868 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5868-1 [email protected] https://www.debian.org/security/...
Debian dla-3694 : openssh-client - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3694 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3694-1 [email protected]...
Debian dsa-5724 : openssh-client - security update
The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5724 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5724-1 [email protected] https://www.debian.org/security/...
[SECURITY] Fedora 39 Update: openssh-9.3p1-10.fc39
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
Fedora 39 : libssh (2023-0733306be9)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-0733306be9 advisory. New upstream release fixing CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Tenable has extracted the preceding description block directly from the...
F5 Networks BIG-IP : OpenSSH client vulnerability (K48050136)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.9 / 16.1.4 / 17.1.0. It is, therefore, affected by a vulnerability as referenced in the K48050136 advisory. The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in th...
[SECURITY] Fedora 28 Update: openssh-7.8p1-4.fc28
SSH Secure SHell is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forward...
OpenSSH 7.6p1 SCP Client - Multiple Vulnerabilities (SSHtranger Things) Exploit
Exploit Title: SSHtranger Things Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E. Haase Homepage:...
Release Notes for Veeam Backup & Replication 9.0 Update 2
More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 9.0 Update 2 Cause Please confirm you are running version 9.0.0.902 or 9.0.0.1491 prior to installing this updat...
Gentoo Security Advisory GLSA 201601-01
Gentoo Linux Local Security Checks GLSA 201601-01 SPDX-FileCopyrightText: 2016 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
MGASA-2016-0022 Updated openssh packages fix security vulnerabilities
An information leak flaw was found in the way the OpenSSH client roaming feature was implemented. A malicious server could potentially use this flaw to leak portions of memory possibly including private SSH keys of a successfully authenticated OpenSSH client CVE-2016-0777. A buffer overflow flaw...
SUSE-SU-2016:0117-1 Security update for openssh-openssl1
This update for openssh-openssl1 fixes the following issues: - CVE-2016-0777: A malicious or compromised server could cause the OpenSSH client to expose part or all of the client's private key through the roaming feature bsc961642 - CVE-2016-0778: A malicious or compromised server could could...
CVE-2016-0778
The 1 roamingread and 2 roamingwrite functions in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service heap-based...
Debian: Security Advisory (DSA-3446-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2012-6067
freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c...
Authentication flaw
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session...