433 matches found
CVE-2017-6542
The sshagentchanneldata function in PuTTY before 0.68 allows remote attackers to have unspecified impact via a large length value in an agent protocol message and leveraging the ability to connect to the Unix-domain socket representing the forwarded agent connection, which trigger a buffer overfl...
openSUSE Security Update : putty (openSUSE-2017-354)
This update to putty 0.68 fixes the following security issue : - CVE-2017-6542: If SSH agent forwarding is enabled, local attackers that are also able to connect to the UNIX domain socket could have overwritten heap data boo1029256 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
FreeBSD : PuTTY -- integer overflow permits memory overwrite by forwarded ssh-agent connections (9b973e97-0a99-11e7-ace7-080027ef73ec)
Simon G. Tatham reports : Many versions of PuTTY prior to 0.68 have a heap-corrupting integer overflow bug in the sshagentchanneldata function which processes messages sent by remote SSH clients to a forwarded agent connection. ... This bug is only exploitable at all if you have enabled SSH agent...
openSUSE Security Update : openssh (openSUSE-2017-184)
This update for openssh fixes several issues. These security issues were fixed : - CVE-2016-8858: The kexinputkexinit function in kex.c allowed remote attackers to cause a denial of service memory consumption by sending many duplicate KEXINIT requests bsc1005480. - CVE-2016-10012: The shared memo...
PuTTY -- integer overflow permits memory overwrite by forwarded ssh-agent connections
Simon G. Tatham reports: Many versions of PuTTY prior to 0.68 have a heap-corrupting integer overflow bug in the sshagentchanneldata function which processes messages sent by remote SSH clients to a forwarded agent connection. ... This bug is only exploitable at all if you have enabled SSH agent...
FreeBSD -- OpenSSH multiple vulnerabilities
Problem Description: The ssh-agent1 agent supports loading a PKCS11 module from outside a trusted whitelist. An attacker can request loading of a PKCS11 module across forwarded agent-socket. CVE-2016-10009 When privilege separation is disabled, forwarded Unix domain sockets would be created by...
OpenSSH 7.x < 7.4 Multiple Vulnerabilities
Binary data 9855.prm...
Design/Logic Flaw
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...
CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...
UBUNTU-CVE-2016-10009
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS11 modules by leveraging control over a forwarded agent-socket...
OpenSSH < 7.4 Multiple Vulnerabilities
According to its banner, the version of OpenSSH running on the remote host is prior to 7.4. It is, therefore, affected by multiple vulnerabilities : - A flaw exists in ssh-agent due to loading PKCS11 modules from paths that are outside a trusted whitelist. A local attacker can exploit this, by...
[slackware-security] openssh
New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/openssh-7.4p1-i586-1slack14.2.txz: Upgraded. This is primarily a bugfix release, and also addresses...
OpenSSH 7.4 - agent Protocol Arbitrary Library Loading
OpenSSH 7.4 - agent Protocol Arbitrary Library Loading Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1009 The OpenSSH agent permits its clients to load PKCS11 providers using the commands SSHAGENTCADDSMARTCARDKEY and SSHAGENTCADDSMARTCARDKEYCONSTRAINED if OpenSSH was compiled...
OpenSSH Arbitrary Library Loading
OpenSSH: agent protocol permits loading arbitrary libraries CVE-2016-10009 The OpenSSH agent permits its clients to load PKCS11 providers using the commands SSHAGENTCADDSMARTCARDKEY and SSHAGENTCADDSMARTCARDKEYCONSTRAINED if OpenSSH was compiled with the ENABLEPKCS11 flag normally enabled and the...
OpenSSH is now in the risk of vulnerabilities can cause remote code execution-vulnerability warning-the black bar safety net
Vulnerability number CVE-2016-10009 Vulnerability level In the risk Vulnerability OpenSSH 7.3 and the following version Vulnerability description The vulnerability appears the ssh-agent, this process by default does not start, only in a multi-host Free the password the login will only be used to...
CVE-2016-10009
It was found that ssh-agent could load PKCS11 modules from arbitrary paths. An attacker having control of the forwarded agent-socket on the server, and the ability to write to the filesystem of the client host, could use this flaw to execute arbitrary code with the privileges of the user running...
PT-2016-3068 · Openssh +7 · Openssh +7
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 7.4 OpenSSH versions prior to 9.3p2 Description: The issue is related to an untrusted search path vulnerability in the ssh-agent component of OpenSSH, which can be exploited by remote attackers to execute arbitrary...
CentOS 7 : openssh (CESA-2015:2088)
Updated openssh packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which...