Lucene search
K

400 matches found

CVE
CVE
added 2002/12/17 5:0 a.m.154 views

CVE-2002-1359

CVE-2002-1359 involves a buffer overflow in multiple SSH2 implementations, notably the PuTTY SSH client (affected versions: <= 0.53). The issue arises when handling large packets/fields during SSH, as demonstrated by the SSHredder test suite, potentially enabling remote code execution or a den...

10CVSS8.1AI score0.80233EPSS
Exploits6References7Affected Software7
CERT
CERT
added 2002/12/16 12:0 a.m.62 views

Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization

Overview Secure shell SSH transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. A remote attacker could execute arbitrary code with the privileges of the SSH...

8.1AI score
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2002/03/06 12:0 a.m.3547 views

SSH Protocol Version 1 Session Key Retrieval

The remote SSH daemon supports connections made using the version 1.33 and/or 1.5 of the SSH protocol. These protocols are not completely cryptographically safe so they should not be used. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10882; scriptversion"1.37";...

7.5CVSS7.7AI score0.07032EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2002/03/06 12:0 a.m.188 views

SSH Protocol Versions Supported

This plugin determines the versions of the SSH protocol supported by the remote SSH daemon. TRUSTED...

5.5AI score
Exploits0
NVD
NVD
added 2001/12/31 5:0 a.m.17 views

CVE-2001-1585

SSH protocol 2 aka SSH-2 public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as...

6.8CVSS6.8AI score0.01924EPSS
Exploits0References4
CERT
CERT
added 2001/12/07 12:0 a.m.21 views

OpenSSH does not initialize PAM session thereby allowing PAM restrictions to be bypassed

Overview OpenSSH is an implementation of the Secure Shell SSH protocol. It can be configured to use Linux Pluggable Authentication Modules PAM for added authentication. A vulnerability exists in OpenSSH, and perhaps other implementations of SSH, which can allow to potentially bypass PAM...

7.1AI score
Exploits0References3
securityvulns
securityvulns
added 2001/09/27 12:0 a.m.26 views

OpenSSH Security Advisory (adv.option)

Weakness in OpenSSH's source IP based access control for SSH protocol v2 public key authentication. 1. Systems affected: Versions of OpenSSH between 2.5.x and 2.9.x using the 'from=' key file option in combination with both RSA and DSA keys in /.ssh/authorizedkeys2. 2. Description: Depending on t...

0.7AI score
Exploits0
NVD
NVD
added 2001/08/22 4:0 a.m.29 views

CVE-2001-0572

The SSH protocols 1 and 2 aka SSH-2 as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: 1 password lengths or ranges of lengths, which simplifies brute force password guessing, 2 whether RSA or DS...

7.5CVSS6.5AI score0.07032EPSS
Exploits1References5
CVE
CVE
added 2001/07/27 4:0 a.m.269 views

CVE-2001-0572

CVE-2001-0572 concerns the SSH protocols 1 and 2 as implemented in OpenSSH and other packages. The connected documents confirm concrete details: the issue enables a remote attacker to sniff and disclose information such as password lengths, the authentication method (RSA/DSA), the number of autho...

7.5CVSS9.4AI score0.07032EPSS
Exploits1References5Affected Software2
Positive Technologies
Positive Technologies
added 2001/07/27 12:0 a.m.15 views

PT-2001-1770 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The SSH protocols 1 and 2 as implemented in OpenSSH have various weaknesses that can allow a remote attacker to obtain sensitive information via sniffing. This includes password lengths or...

10CVSS7.7AI score0.99506EPSS
Exploits207References338
securityvulns
securityvulns
added 2001/06/28 12:0 a.m.57 views

Security Advisory: Multiple SSH vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Security Advisory: Multiple SSH vulnerabilities Revision 1.0 - INTERIM For public release 2001 June 27 08:00 UTC -0800 Summary Three different Cisco product lines are susceptible to multiple vulnerabilities in the Secure Shell SSH protocol. These issues are...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2001/02/08 12:0 a.m.21 views

SSH 1.2.x - CRC-32 Compensation Attack Detector

SSH 1.2.x - CRC-32 Compensation Attack Detector // source: https://www.securityfocus.com/bid/2347/info Secure Shell, or SSH, is an encrypted remote access protocol. SSH or code based on SSH is used by many systems all over the world and in a wide variety of commercial applications. An...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2001/02/05 12:0 a.m.22 views

SSH 1.2.30 - Daemon Logging Failure

SSH 1.2.30 - Daemon Logging Failure source: https://www.securityfocus.com/bid/2345/info SSH1 is the implementation of the Secure Shell communication protocol by SSH Communications. SSH1 is version 1 of the protocol specified by IETF draft to protect the integrity of traffic over the network. A...

7.4AI score
Exploits0
CERT
CERT
added 2001/01/18 12:0 a.m.25 views

Weak CRC allows last block of IDEA-encrypted SSH packet to be changed without notice

Overview There is an information integrity vulnerability in the SSH1 protocol that allows the last block of an IDEA-encrypted session to be modified without notice. Description Preconditions: Session is encrypted using IDEA cipher. Compression is disabled. SSH clients configured to use the IDEA...

6.7AI score
Exploits0References3
Exploit DB
Exploit DB
added 2001/01/16 12:0 a.m.24 views

SSH 1.2.x - Secure-RPC Weak Encrypted Authentication

// source: https://www.securityfocus.com/bid/2222/info SSH is a package designed to encrypt traffic between two end points using the IETF specified SSH protocol. The SSH1 package is distributed and maintained by SSH Communications Security. A problem exists which could allow the discovery of the...

7AI score
Exploits0
securityvulns
securityvulns
added 2000/12/16 12:0 a.m.25 views

DoS против Cisco Catalyst (SSH Protocol Mismatch)

Подключение к ssh порту по не-ssh протоколу приводит к отказу коммутатора...

1.1AI score
Exploits0References1
Cisco
Cisco
added 2000/12/13 6:0 p.m.19 views

Cisco Catalyst SSH Protocol Mismatch Vulnerability

...

1.6AI score
Exploits0References1
exploitpack
exploitpack
added 2000/12/13 12:0 a.m.21 views

Cisco Catalyst 400050006000 6.1 - SSH Protocol Mismatch Denial of Service

Cisco Catalyst 400050006000 6.1 - SSH Protocol Mismatch Denial of Service source: https://www.securityfocus.com/bid/2117/info Software versions 6.11, 6.11a and 6.11b for Catalyst 4000, 5000, and 6000 devices that support SSH and 3 DES encryption contain a vulnerability that may allow an attacker ...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2000/02/16 5:0 a.m.24 views

CVE-2000-0143

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP...

6.5AI score0.00349EPSS
Exploits0References1
NVD
NVD
added 2000/02/11 5:0 a.m.17 views

CVE-2000-0143

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP...

4.6CVSS6.5AI score0.00349EPSS
Exploits0References1
Rows per page
Query Builder