EUVD-2016-1209

Malware in sbrugna...

CVE-2024-47029

In TrustySharedMemoryManager::GetSharedMemory of ondevice/trusty/trustysharedmemorymanager.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed fo...

Linux Distros Unpatched Vulnerability : CVE-2016-10012

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all...

Google Pixel 安全漏洞

Google Pixel is a smartphone from the American company Google Google. Google Pixel suffers from a buffer overflow vulnerability that stems from incorrect boundary checking in TrustySharedMemoryManager::GetSharedMemory at ondevice/trusty/trustysharedmemorymanager.cc, which could be exploited by an...

RHEL 6 : openssh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent CVE-2016-10009 - openssh: Bounds check can be...

SUSE CVE-2016-10012

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

F5 Networks BIG-IP : OpenSSH vulnerability (K62201745)

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allowlocal users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the...

Ubuntu 14.04 LTS / 16.04 LTS : OpenSSH vulnerabilities (USN-3538-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3538-1 advisory. Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this iss...

USN-3538-1: OpenSSH vulnerabilities

Jann Horn discovered that OpenSSH incorrectly loaded PKCS11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-10009 Jann Horn discovered that OpenSSH...

EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1138)

According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is...

Privilege escalation

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

CVE-2016-10012

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

OpenSSH < 7.4 Multiple Vulnerabilities

According to its banner, the version of OpenSSH running on the remote host is prior to 7.4. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in ssh-agent due to loading PKCS11 modules from paths that are outside a trusted whitelist. A local attacker can exploit this, by...

[ASA-201612-20] openssh: multiple issues

Arch Linux Security Advisory ASA-201612-20 ========================================== Severity: Medium Date : 2016-12-22 CVE-ID : CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 Package : openssh Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-110 Summary...