Lucene search
K

55 matches found

OpenVAS
OpenVAS
added 2016/06/08 12:0 a.m.25 views

Fedora Update for gsi-openssh FEDORA-2016-d31c00ca51

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.9AI score0.00627EPSS
Exploits0References2
OSV
OSV
added 2016/04/13 5:59 p.m.3 views

UBUNTU-CVE-2016-0787

The diffiehellmansha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."...

5.9CVSS6.9AI score0.02697EPSS
Exploits0References3
Hacker One
Hacker One
added 2016/03/10 5:49 p.m.32 views

Internet Bug Bounty: OpenSSH / dropbearSSHd xauth command injection

OpenSSH affects all version = 7.2p1 with X11Forwarding yes acc. to OpenSSH this bug is 20 years old and affects all versions back to openssh v1 status: fixed, vendor advisory: http://www.openssh.com/txt/x11fwd.adv dropbearSSHd affects = 2015.71 basically all versions that come with x11 support;...

6.7AI score
Exploits0
myhack58
myhack58
added 2014/09/25 12:0 a.m.20 views

The latest bash vulnerability solution-exploits warning-the black bar safety net

Is today just broke the Bash security vulnerability, and SSH bash emergency security patches is very important. Test whether the presence of the vulnerability you Please execute the following command: root@keepalivenginxmaster / env x=' :;; echo vulnerable" bash-c "echo this is a test" 1 2 3 4 5 ...

1.8AI score
Exploits0
Metasploit
Metasploit
added 2014/03/17 7:19 a.m.53 views

Quantum vmPRO Backdoor Command

This module abuses a backdoor command in Quantum vmPRO. Any user, even one without admin privileges, can get access to the restricted SSH shell. By using the hidden backdoor "shell-escape" command it's possible to drop to a real root bash shell. This module has been tested successfully on Quantum...

7.4AI score
Exploits0
NVD
NVD
added 2013/06/30 7:28 p.m.23 views

CVE-2013-0137

The default configuration of the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 contains a known SSH private key, which makes it easier for remote attackers to obtain root access, and spoof alerts, via an SSH session...

10CVSS6.5AI score0.13446EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2012/08/04 12:0 a.m.32 views

RaspberryPi Image Occidentalis 0.1 Default Credentials

Vapid Labs Larry W. Cashdollar 8/2/2012 Since a some RaspberryPi users maybe unaware of the security implications of sshd I thought I should just make a note of some issues. RaspberryPi image Occidentalis v0.1 "Adafruit 3 Raspberry Pi - especially how easy it is to hack circuits using the...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2010/06/02 12:0 a.m.26 views

Read configs to prevent root login

This plugin uses ssh to Read configs to prevent root login: Check for /etc/securettys show all non console, check if root login is not possible via SSH, check for SYSLOGSUENAB in /etc/login.defs, check for perm 0644 on /etc/securettys /etc/login.defs /etc/sshd/sshdconfig, check if rootsquash is...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/07/19 12:0 a.m.13 views

SSH IPSEC Express 4.1.0 VPN Detection

Binary data 3084.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/15 12:0 a.m.974 views

Netstat Portscanner (SSH)

Nessus was able to run 'netstat' on the remote host to enumerate the open ports. If 'netstat' is not available, the plugin will attempt to use 'ss'. See the section 'plugins options' about configuring this plugin. Note: This plugin runs on Windows using netstat.exe if the target is localhost...

5.6AI score
Exploits0References1
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.21 views

CVE-2000-0575

SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS...

6.8AI score0.00846EPSS
Exploits0References3
securityvulns
securityvulns
added 2001/07/25 12:0 a.m.46 views

Большая дырка в ssh (unauthorized access)

Если в файле паролей запись о пароле пользователя состоит из двух символов или менее это часто применяется для слудебных щаписей не относящихся к пользователям то ssh позволяет войти с такой записью без пароля...

0.8AI score
Exploits0References2Affected Software1
securityvulns
securityvulns
added 2001/02/21 12:0 a.m.26 views

Quick Analysiss of the recent crc32 ssh(d) bug

Abstract ----------- This article discusses the recently discovered security hole in the crc32 attack detector as found in common ssh packages like OpenSSH and derivates using the ssh-1 protocoll. There is a possible overflow during assignemnet from 32bit integer to 16bit wide one leading to...

7.8AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.25 views

CVE-2000-1169

OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent...

9.5AI score0.01849EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2000/07/16 12:0 a.m.32 views

SSH with Kerberos NFS Share Ticket Disclosure

The remote host is running a version of SSH which is older than or as old as version 1.2.27. There is a flaw in the remote version of this software which allows an attacker to eavesdrop the kerberos tickets of legitimate users of this service, as sshd will set their environment variable KRB5CCNAM...

7.2CVSS5.5AI score0.00846EPSS
Exploits0References1
Rows per page
Query Builder