CVE-2021-28913

BAB TECHNOLOGIE GmbH eibPort V3 prior version 3.9.1 allow unauthenticated attackers access to /webif/SecurityModule to validate the so called and hard coded unique 'eibPort String' which acts as the root SSH key passphrase. This is usable and part of an attack chain to gain SSH root access...

CVE-2023-42829

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases...

PT-2023-8476 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.7.9 macOS versions prior to 12.6.8 macOS versions prior to 13.5 Description: The issue is related to a lack of protection for service data in the OpenSSH package of the macOS operating system. It may allow an attack...

CVE-2021-28912

BAB TECHNOLOGIE GmbH eibPort V3. Each device has its own unique hard coded and weak root SSH key passphrase known as 'eibPort string'. This is usable and the final part of an attack chain to gain SSH root access...

Debian DLA-1576-1 : ansible security update

It was discovered that there was a potential SSH passphrase disclosure vulnerability in the ansible configuration management system, The 'User' module leaked data that was passed as a parameter to the ssh-keygen1 utility, thus revealing any credentials in cleartext form in the global process list...

Debian: Security Advisory (DLA-1576-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Guardian Digital WebTool information leak

ssh passphrase can be seen in log files...