213 matches found
Juniper Junos OS Multiple Vulnerabilities (JSA11169)
The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA11169 advisory. - Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by...
Debian DLA-2516-1 : gssproxy security update
It was discovered that there was an issue in the gssproxy privilege separation caused by gssproxy not unlocking cond_mutex prior to calling pthread_exit. For Debian 9 'Stretch', this problem has been fixed in version 0.5.1-2+deb9u1. We recommend that you upgrade your gssproxy packages. For the...
Debian: Security Advisory (DLA-2516-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2516-1] gssproxy security update
Debian LTS Advisory DLA-2516-1 https://www.debian.org/lts/security/ Chris Lamb January 04, 2021 https://wiki.debian.org/LTS ...
Mail.ru: SDC bypass on calendar.mail.ru
The SDCS cookie was not properly checked for a few calendar.mail.ru endpoints, allowing a bypass of the SDC (secure domain cookies) protection for privilege separation between projects...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1138)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2017-1139)
The remote host is missing an update for the Huawei EulerOS...
OpenSSH < 3.8p1 Multiple Vulnerabilities
NewStart CGSL MAIN 4.05 : openssh-latest Multiple Vulnerabilities (NS-SA-2019-0146)
The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by multiple vulnerabilities: - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice...
BSA-2019-766
Security Advisory ID : BSA-2019-766 Component : OpenSSH Revision : 1.0: Final A flaw was found in the way OpenSSH handled PAM authentication when using privilege separation. An attacker with valid credentials on the system and able to fully compromise a non-privileged pre-authentication process...
Microsoft Visual Studio CVE-2018-8172 Remote Code Execution Vulnerability
Description Microsoft Visual Studio is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the current-user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Security Bulletin: Multiple vulnerabilities in openssh affect IBM Flex System Manager (FSM)
Summary Multiple vulnerabilities have been identified in openssh that is embedded in the FSM. This bulletin addresses these vulnerabilities. Vulnerability Details CVEID: CVE-2016-10011 DESCRIPTION: OpenSSH could allow a local authenticated attacker to obtain sensitive information, caused by a...
Security Bulletin: Vulnerabilities in OpenSSH affect PowerKVM
Summary PowerKVM is affected by vulnerabilities in OpenSSH. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-6515 DESCRIPTION: OpenSSH is vulnerable to a denial of service, caused by the failure to limit password lengths for password authentication by the...
Amazon Linux 2 : kernel (ALAS-2018-939) (Meltdown) (Spectre)
An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously...
Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3538-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3538-1 advisory. Jann Horn discovered that OpenSSH incorrectly loaded PKCS#11 modules from untrusted directories. A remote attacker could possibly use this iss...
Amazon Linux AMI : kernel (ALAS-2018-939) (Meltdown) (Spectre)
An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upon previously...
Critical: kernel
Issue Overview: An updated kernel release for Amazon Linux has been made available which prevents speculative execution of indirect branches within the kernel. This release incorporates latest stable open source Linux security improvements to address CVE-2017-5715 within the kernel and builds upo...
Amazon Linux AMI : openssh (ALAS-2017-898)
A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. CVE-2016-6210 It was found that OpenSSH did not limit...
CVE-2015-6473
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation...
Design/Logic Flaw
WAGO IO 750-849 01.01.27 and WAGO IO 750-881 01.02.05 do not contain privilege separation...