17 matches found
CLEANSTART-2026-PW33232 SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process
Multiple security vulnerabilities affect the istio-fips package. SSH clients receiving SSHAGENTSUCCESS when expecting a typed response will panic and cause early termination of the client process. See references for individual vulnerability details...
PT-2025-46913
Name of the Vulnerable Software and Affected Versions SSH clients affected versions not specified Description SSH clients may experience a panic and premature termination of the client process when receiving an SSH AGENT SUCCESS response while expecting a typed response. This can lead to...
EUVD-2010-0531
Malware in sbrugna...
EUVD-1999-0013
Malware in sbrugna...
EUVD-2003-0043
Malware in sbrugna...
CVE-1999-0013
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user...
Signature Verification With Malformed Public Keys
github.com/golang/crypto is vulnerable to signature verification with malformed public keys. The vulnerability exists because it does not handle malformed ed25519 public keys properly, allowing a malicious SSH client to provide malicious a ssh-ed25519 or [email protected] public keys to...
Security Bulletin: OpenSSH client bug (CVE-2016-0777 and CVE-2016-0778)
Question Security Bulletin: OpenSSH client bug CVE-2016-0777 and CVE-2016-0778 Answer Summary Aspera software is not affected by a bug that has been found in OpenSSH's client software. A bug in the OpenSSH client has been found to create an exploitable information leak, which could allow maliciou...
SA104 : OpenSSH Vulnerabilities
SUMMARY Blue Coat products using affected versions of OpenSSH are susceptible to multiple vulnerabilities. An attacker, with access to the management interface, may exploit these vulnerabilities to conduct brute-force password guessing attacks, bypass access restrictions, log in as a different...
South Korea Cyber Attack, Wiper malware and Chinese IP Address
Yesterday we reported about a massive Cyber attack on South Korea that was responsible for shutting down networks of South Korean banks and TV broadcasters. Police are still investigating the cyber attack but the country's Communications Commission has revealed that the hacking originated from a...
Design/Logic Flaw
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Secure shell SSH protocol implementations in...
Older SSH clients do not allow users to disable X11 forwarding
Overview This vulnerability may allow an attacker to make unauthorized connections to affected client machines. Description Older versions of the SSH client do not allow the user to disable X11 forwarding. As a result, if the client connects to a malicious server, the server can open an X11...
CVE-1999-0013
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user...
CVE-1999-0013
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user...
CVE-1999-0013
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user...