43 matches found
RHCOS 4 : OpenShift Container Platform 4.14.30 (RHSA-2024:3918)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3918 advisory. - ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 Note that Nessus has not tested for this issue but has instead...
MGASA-2026-0066 Updated trilead-ssh2 packages fix security vulnerabilities
CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack...
MiracleLinux 8 : openssh-8.0p1-19.el8_9.2 (AXSA:2024-7493:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7493:01 advisory. ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 openssh: potential command injection via shell metacharacters...
Erlang/OTP (Erlang OTP) Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - Linux
Erlang/OTP Erlang OTP is vulnerable to a novel prefix truncation attack a.k.a. Terrapin attack in the SSH component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Erlang/OTP (Erlang OTP) Prefix Truncation Attacks in SSH Specification (Terrapin Attack) - Windows
Erlang/OTP Erlang OTP is vulnerable to a novel prefix truncation attack a.k.a. Terrapin attack in the SSH component. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Ubuntu: Security Advisory (USN-7051-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-7051-1 python-asyncssh vulnerability
Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : AsyncSSH vulnerability (USN-7051-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-7051-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.35 security update
Red Hat OpenShift Container Platform release 4.14.35 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.14.34 security update
Red Hat OpenShift Container Platform release 4.14.34 is now available with updates to packages and images that fix several bugs. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a security impact of...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
CLSA-2024-1711475067 libssh: Fix of 2 CVEs
CVE-2023-1667: fix possible NULL-pointer dereference during re-keying with algorithm guessing - CVE-2023-48795: fix the prefix truncation attack on Binary Packet Protocol...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...