5 matches found
EulerOS Virtualization 3.0.6.0 : openssh (EulerOS-SA-2023-3440)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...
EulerOS 2.0 SP9 : openssh (EulerOS-SA-2023-2882)
According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...
MGASA-2024-0010 Updated openssh packages fix security vulnerabilities
The updated packages fix security vulnerabilities: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. CVE-2023-38408 Prefix Truncation Attacks in SSH...
SUSE SLED15: openssh / openssh-askpass-gnome / openssh-cavs / openssh-clients / etc (SUSE-SU-2023:2945-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2945-1 advisory. - CVE-2023-38408: Fixed a condition where specific libaries loaded via ssh-agent1's PKCS11 support could ...
PT-2023-3666
Name of the Vulnerable Software and Affected Versions OpenSSH versions 7.9p1-alt4.gost.p10.1, 7.9p1-alt4.p10.6, 9.6p1-alt1.gost, 9.6p1-alt2.gost Description OpenSSH contains a vulnerability where the ssh-agent component incorrectly handles loading certain PKCS11 providers. This can allow a remote...