Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2018-1431)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.5.4 : openssh (EulerOS-SA-2019-1199)

According to the version of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user unt...

openSUSE Security Update : openssh (openSUSE-2019-914)

This update for openssh fixes the following issues : - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to treat such a username enumeration...

EulerOS Virtualization 2.5.1 : openssh (EulerOS-SA-2018-1411)

According to the version of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user unt...

Amazon Linux 2 : openssh (ALAS-2018-1075)

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.CVE-2018-15473 C Tenable Network...

CVE-2018-15473

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c...

CVE-2018-15473

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c...

gnutls: Stack overflow in cdk_pk_get_keyid

Stack-based buffer overflow in the cdkpkgetkeyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate...

CVE-2017-5336

CVE-2017-5336 : GnuTLS contains a stack-based buffer overflow in the cdk_pk_get_keyid function (lib/opencdk/pubkey.c), exploitable via crafted OpenPGP certificates. Affected versions are GnuTLS before 3.3.26 and 3.5.x before 3.5.8. Remediation: upgrade to a fixed release (upstream 3.3.26 or later...