EUVD-2007-0841

Malware in sbrugna...

SUSE CVE-2009-1273

pamssh 1.92 and possibly other versions, as used when PAM is compiled with USE=ssh, generates different error messages depending on whether the username is valid or invalid, which makes it easier for remote attackers to enumerate usernames...

Uber Debuts SSH Key Authentication Module

Developers at Uber have unveiled a new module to help users enable the continuous re-authentication of SSH keys. The company wrote the module in order to work alongside another tool, a SSH Certificate Authority it designed, to keep stock of public SSH keys. While its CA is for its internal use,...

FreeBSD : FreeBSD -- pam_ssh() does not validate service names (e51d5b1a-4638-11e1-9f47-00e0815b8da8)

Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an application can craft thei...

FreeBSD : FreeBSD -- pam_ssh improperly grants access when user account has unencrypted SSH private keys (eda151d8-4638-11e1-9f47-00e0815b8da8)

The OpenSSL library call used to decrypt private keys ignores the passphrase argument if the key is not encrypted. Because the pamssh module only checks whether the passphrase provided by the user is null, users with unencrypted SSH private keys may successfully authenticate themselves by providi...

FreeBSD-SA-11:09.pam_ssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-11:09.pamssh Security Advisory The FreeBSD Project Topic: pamssh improperly grants access when user account has unencrypted SSH private keys Category: contrib...

FreeBSD -- pam_ssh() does not validate service names

Problem Description: Some third-party applications, including KDE's kcheckpass command, allow the user to specify the name of the policy on the command line. Since OpenPAM treats the policy name as a path relative to /etc/pam.d or /usr/local/etc/pam.d, users who are permitted to run such an...

FreeBSD -- pam_ssh improperly grants access when user account has unencrypted SSH private keys

Problem Description: The OpenSSL library call used to decrypt private keys ignores the passphrase argument if the key is not encrypted. Because the pamssh module only checks whether the passphrase provided by the user is null, users with unencrypted SSH private keys may successfully authenticate...

Fedora Update for pam_ssh FEDORA-2011-8022

Check for the Version of pamssh OpenVAS Vulnerability Test Fedora Update for pamssh FEDORA-2011-8022 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for pam_ssh FEDORA-2011-8022

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for pam_ssh FEDORA-2011-8036

Check for the Version of pamssh OpenVAS Vulnerability Test Fedora Update for pamssh FEDORA-2011-8036 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora Update for pam_ssh FEDORA-2011-8036

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for pam_ssh FEDORA-2011-8006

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for pam_ssh FEDORA-2011-8006

Check for the Version of pamssh OpenVAS Vulnerability Test Fedora Update for pamssh FEDORA-2011-8006 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

Fedora 15 : pam_ssh-1.97-7.fc15 (2011-8022)

Drop root group privileges before executing ssh-agent 711170 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora 14 : pam_ssh-1.97-7.fc14 (2011-8006)

Drop root group privileges before executing ssh-agent 711170 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

Fedora Core 10 FEDORA-2009-3500 (pam_ssh)

The remote host is missing an update to pamssh announced via advisory FEDORA-2009-3500. OpenVAS Vulnerability Test $Id: fcore20093500.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3500 pamssh Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...

Fedora Core 9 FEDORA-2009-3627 (pam_ssh)

The remote host is missing an update to pamssh announced via advisory FEDORA-2009-3627. OpenVAS Vulnerability Test $Id: fcore20093627.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-3627 pamssh Authors: Thomas Reinke Copyright: Copyright c 2009 E-So...

Fedora Core 10 FEDORA-2009-3500 (pam_ssh)

The remote host is missing an update to pamssh announced via advisory FEDORA-2009-3500. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora Core 9 FEDORA-2009-3627 (pam_ssh)

The remote host is missing an update to pamssh announced via advisory FEDORA-2009-3627. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...