55 matches found
Azure Linux 3.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)
The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...
CVE-2024-47857
SSH Communication Security PrivX versions between 18.0-36.0 implement insufficient validation on public key signatures when using native SSH connections via a proxy port. This allows an existing PrivX "account A" to impersonate another existing PrivX "account B" and gain access to SSH target host...
CVE-2024-55560
MailCleaner before 28d913e has default values of sshhostdsakey, sshhostrsakey, and sshhosted25519key that persist after installation...
Fortinet FortiWeb OpenSSH Terrapin attack (CVE-2023-48795) (FG-IR-23-490)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-490 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
CVE-2024-43798
CVE-2024-43798 affects Chisel, a fast TCP/UDP tunnel over HTTP secured via SSH. The vulnerability occurs because the server does not read the documented AUTH environment variable for credentials, allowing any unauthenticated user to connect even when credentials are set. This impacts deployments ...
Exploit for Race Condition in Openbsd Openssh
CVE-2024-6387 OpenSSH Vulnerability Mitigation Script Over...
Fedora 39 : putty (2024-cba85cc558)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-cba85cc558 advisory. Security fix for CVE-2024-31497. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
MGASA-2024-0004 Updated dropbear package fixes a security vulnerability
Parts of the SSH specification are vulnerable to a novel prefix truncation attack a.k.a. Terrapin attack, which allows a man-in-the-middle attacker to strip an arbitrary number of messages right after the initial key exchange, breaking SSH extension negotiation RFC8308 in the process and thus...
Rogue Session Attack (Terrapin)
ssh is vulnerable to Terrapin attack. The vulnerability is due to mishandling of the handshake phase and sequence numbers in the SSH Binary Packet Protocol BPP with certain OpenSSH extensions. This allows an attacker to bypass integrity checks and omit packets during extension negotiation, and...
Password usage analysis of brute force attacks on honeypot servers
As Microsoft’s Head of Deception, Ross Bevington is responsible for setting up and maintaining honeypots that look like legitimate systems and servers. Honeypot systems are designed to pose as an attractive target for attackers. Sometimes they are left vulnerable to create a controllable and safe...
Fedora: Security Advisory for libssh (FEDORA-2021-f2a020a065)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Western Digital My Cloud Multiple Products 5.0 < 5.15.106 Unauthorized Access Vulnerability (WDC-21009)
Multiple Western Digital My Cloud products are prone to a vulnerability that could allow unauthorized access via SSH. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Hotfix XS82E015 - For Citrix Hypervisor 8.2
Who Should Install This Hotfix? This is a hotfix for customers running Citrix Hypervisor 8.2. Information About this Hotfix Component| Details ---|--- Prerequisite| None Post-update tasks| None Content live patchable| No Baselines for Live Patch| N/A Revision History| Published on Feb02, 2021 To...
Linux: SSH AllowTcpForwarding
SSH port forwarding is a mechanism in SSH for tunneling application ports from the client to the server, or servers to clients. It can be used for adding encryption to legacy applications, going through firewalls, and some system administrators and IT professionals use it for opening backdoors in...
EUVD-2021-1059
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH client...
Hardcoded credentials
WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW03 devices contain hardcoded private keys for the SSH daemon. The fingerprint of the SSH host key from the corresponding SSH daemon matches the embedded private key...
OpenSSH 7.6p1 SCP Client - Multiple Vulnerabilities (SSHtranger Things) Exploit
Exploit Title: SSHtranger Things Exploit Author: Mark E. Haase Vendor Homepage: https://www.openssh.com/ Software Link: download link if available Version: OpenSSH 7.6p1 Tested on: Ubuntu 18.04.1 LTS CVE : CVE-2019-6111, CVE-2019-6110 ''' Title: SSHtranger Things Author: Mark E. Haase Homepage:...
OpenSSH User Enumeration
!/usr/bin/env python2 CVE-2018-15473 SSH User Enumeration by Leap Security @LeapSecurity https://leapsecurity.io Credits: Matthew Daley, Justin Gardner, Lee David Painter import argparse, logging, paramiko, socket, sys, os class InvalidUsernameException: pass malicious function to malform packet...
An ssh-agent for every domain: SSHecret
If you have an encrypted ssh key for each domain you access you should, and you keep your unlocked keys in a single ssh-agent you maybe shouldn’t, AND you’ve ever decided you need to forward your ssh-agent, then you should feel bad. If you forward an ssh-agent with all your unique keys for every...
Tecnovision DLX Spot - SSH Backdoor Access
Exploit Title: DlxSpot - Player4 LED video wall - Hardcoded Root SSH Password. Google Dork: "DlxSpot - Player4" Date: 2017-05-14 Discoverer: Simon Brannstrom Authors Website: https://unknownpwn.github.io/ Vendor Homepage: http://www.tecnovision.com/ Software Link: n/a Version: All known versions...