34 matches found
Debian: Security Advisory (DSA-3446-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2012-6067
freeFTPd.exe in freeFTPd through 1.0.11 allows remote attackers to bypass authentication via a crafted SFTP session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c...
Authentication flaw
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session...
CVE-2012-6066
freeSSHd.exe in freeSSHd through 1.2.6 allows remote attackers to bypass authentication via a crafted session, as demonstrated by an OpenSSH client with modified versions of ssh.c and sshconnect2.c...
F5 BIG-IP SSH private key
Added: 07/03/2012 CVE: CVE-2012-1493 BID: 53897 OSVDB: 82780 Background SSH Private keys are used for authentication for many F5 BIG-IP devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker t...
Sysax SSH Username Remote Code Execution
Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...
SSH password weakness
Added: 01/05/2011 CVE: CVE-1999-0502 Background Passwords are the most commonly used method of authenticating users to a server. The combination of a login name and password is used to verify the identity of a user requesting access, and to determine what parts of the server the user has permissi...
OpenSSH Client < 2.3.0 X11 Unauthorized Remote Forwarding
Binary data 1979.prm...
PT-2003-1106 · Openssh +2 · Openssh-Askpass-Gnome +6
Name of the Vulnerable Software and Affected Versions: openssh-server versions 3.1p1 through 3.4p1 openssh-askpass versions 3.1p1 through 3.4p1 openssh-askpass-gnome versions 3.1p1 through 3.4p1 openssh-clients versions 3.1p1 through 3.4p1 openssh versions 3.1p1 through 3.4p1 Description: Multipl...
OpenSSH Client Unauthorized X11 Remote Forwarding
The remote host is running a version of the OpenSSH client older than 2.3.0. Such versions do not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent. This script was written by...
OpenBSD 3.1 sshd remote root exploit
Download openssh-3.2.2p1.tar.gz and untar it $ tar -xvzf openssh-3.2.2p1.tar.gz 2. Apply the patch provided below by running: /openssh-3.2.2p1 $ patch pathtodifffile 3. Compile the patched client /openssh-3.2.2p1 $ ./configure && make ssh 4. Run the evil ssh: /openssh-3.2.2p1 $ ./ssh...
OpenSSH disregards client configuration and allows server access to ssh-agent and/or X11 after session negotiation
Overview Versions of OpenSSH client prior to 2.3.0 do not properly enforce restrictions to the ssh-agent or X11 display. Description An OpenSSH client can be configured to prevent servers from accessing the client's ssh-agent or X11 display. However, versions of OpenSSH client prior to 2.3.0 fail...
CVE-2000-1169
OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent...
PT-2006-7543 · Debian · Openssh-Client-Udeb +6
Name of the Vulnerable Software and Affected Versions: openssh-client versions prior to 4.3p2-9etch3 openssh-server versions prior to 4.3p2-9etch3 openssh-server-udeb versions prior to 4.3p2-9etch3 openssh-client-udeb versions prior to 4.3p2-9etch3 ssh-krb5 versions prior to 4.3p2-9etch3...