12 matches found
EUVD-2015-3381
Malware in sbrugna...
RHEL 8 : openssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: User enumeration via malformed packets in authentication requests CVE-2018-15919 - openssh:...
EulerOS 2.0 SP12 : sudo (EulerOS-SA-2024-1755)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on n...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2024-1537)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP11 : sudo (EulerOS-SA-2024-1229)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on...
EulerOS 2.0 SP10 : sudo (EulerOS-SA-2024-1348)
According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on...
K000138643: OpenSSH vulnerability CVE-2023-51767
Security Advisory Description OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat...
SUSE CVE-2023-51767
OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...
CVE-2023-51767
OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...
PT-2023-8128
Name of the Vulnerable Software and Affected Versions OpenSSH versions 9.6 and earlier Description The issue is related to a potential row hammer attack that could allow authentication bypass. This is applicable to a certain threat model of attacker-victim co-location in which the attacker has us...
CVE-2023-42465
Sudo before 1.9.15 might allow row hammer attacks for authentication bypass or privilege escalation because application logic sometimes is based on not equaling an error value instead of equaling a success value, and because the values do not resist flips of a single bit...
Mac OS X Multiple EFI Vulnerabilities (EFI Security Update 2015-001)
The remote Mac OS X host is running EFI firmware that is affected by multiple vulnerabilities : - An insufficient locking issue exists, when resuming from sleep states, which allows a local attacker to write to the EFI flash memory by using a crafted application with root privileges. CVE-2015-36...