Exploit for CVE-2023-1234

It is an offensive tool for SSH exploitation. The repository contains a proof of concept PoC exploit for CVE-2023-1234, which targets vulnerable proxycommand configurations on SSH clients. The target product/service is OpenBSD's SSH, and the vulnerability class/vector is remote command execution...

Exploit for OS Command Injection in Openbsd Openssh

🔐 CVE-2023-51385 - OpenSSH ProxyCommand Injection PoC This...

Exploit for OS Command Injection in Openbsd Openssh

🔐 CVE-2023-51385 - OpenSSH ProxyCommand Injection PoC This...

RLSA-2024:2504 Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...

Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname

...

Advisory ROSA-SA-2025-2783

Software: libssh 0.9.6 OS: ROSA Virtualization 3.0 packageevrstring: libssh-0.9.6-14.rv30 CVE-ID: CVE-2023-6004 BDU-ID: 2024-00199 CVE-Crit: LOW CVE-DESC.: A vulnerability in the ProxyCommand/ProxyJump component of the libssh library is related to improper code generation controls. Exploitation o...

DEBIAN-CVE-2023-37154

checkbyssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been categorized both as fixed in e8810de, and as intended behavior...

UBUNTU-CVE-2023-37154

checkbyssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been categorized both as fixed in e8810de, and as intended behavior...

CVE-2023-37154

checkbyssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with $IFS. This has been categorized both as fixed in e8810de, and as intended behavior...

Nagios Plugins 安全漏洞

Nagios Plugins is an open source plugin from the Nagios Plugins Project. A security vulnerability exists in Nagios Plugins version 2.4.5 that originates from allowing arbitrary commands to be executed via ProxyCommand, LocalCommand, and PermitLocalCommand...

RLSA-2024:3233 Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

libssh security update

0.9.6-14 - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol BPP - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...

libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter...

Low: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

CentOS 8 : libssh (CESA-2024:3233)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3233 advisory. - A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue...

ALSA-2024:3233 Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...

Low: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname CVE-2023-6004 libssh: Missing checks for return values for digests...

EulerOS Virtualization 2.11.0 : libssh (EulerOS-SA-2024-1628)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

EulerOS Virtualization 2.11.1 : libssh (EulerOS-SA-2024-1609)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...