14 matches found
EUVD-2022-29703
Malicious code in bioql PyPI...
UBUNTU-CVE-2024-45337
Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...
SUSE CVE-2022-24950
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId...
Security update for EternalTerminal (important)
openSUSE Security Update: Security update for EternalTerminal Announcement ID: openSUSE-SU-2022:10187-1 Rating: important References: 1202432 1202433 1202434 1202435 Cross-References: CVE-2022-24949 CVE-2022-24950 CVE-2022-24951 CVE-2022-24952 CVSS scores: CVE-2022-24949 NVD : 7.5...
Robustel R1510 web_server /action/import_authorized_keys/ OS command injection vulnerability
Talos Vulnerability Report TALOS-2022-1578 Robustel R1510 webserver /action/importauthorizedkeys/ OS command injection vulnerability October 14, 2022 CVE Number CVE-2022-34850 SUMMARY An OS command injection vulnerability exists in the webserver /action/importauthorizedkeys/ functionality of...
CVE-2022-24950
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId...
CVE-2022-24950
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId...
CVE-2022-24950
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId...
Race condition
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId...
CVE-2022-24950
A race condition exists in Eternal Terminal prior to version 6.2.0 that allows an authenticated attacker to hijack other users' SSH authorization socket, enabling the attacker to login to other systems as the targeted users. The bug is in UserTerminalRouter::getInfoForId...
SSH Authorization
This script allows users to enter the information required to authorize and login via ssh protocol. These data will be used by other tests to executed authenticated checks. OpenVAS $Id: sshauthorizationinit.nasl 6063 2017-05-03 09:03:05Z teissa $ Description: This script allows to set SSH...
SSH Authorization Check
This script tries to login with provided credentials. If the login was successful, it marks this port as available for any authenticated tests. SPDX-FileCopyrightText: 2007,2008,2009,2010,2011,2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright...
SLAD Run
This script connects to SLAD on a remote host to run remote scanners. To work properly, this script requires to be provided with a valid SSH login by means of an SSH key with pass- phrase if the SSH public key is passphrase-protected, or a password to log in. OpenVAS Vulnerability Test Fetch...
Проблема в SSH с Kerberos
При использовании Kerberos-авторизации ticket ползователя хранится в файле "none" текущей директории а не в /tmp. В том случае, когда текущий каталог находится на сетевом дисек, есть вероятность его перехвата при передаче и ксопрометации учетной записи пользователя...