UBUNTU-CVE-2018-7749

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

PYSEC-2018-108

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

CVE-2018-7749

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

CVE-2018-7749

The CVE-2018-7749 issue affects the AsyncSSH SSH server implementation (Python library) prior to version 1.12.1. The root cause is that the server does not properly verify that authentication is completed before processing other requests, allowing a specially crafted client to skip authentication...

CVE-2018-7749

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

CVE-2018-7749

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

py-asyncssh -- Allows bypass of authentication

mitre.org Reports: The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests A customized SSH client can simply skip the authentication step...

GSA Bounty: SSH server compatible with several vulnerable cryptographic algorithms

An ssh-audit scan found that ssh.fr.cloud.gov supports sha1 for various purposesincluding exclusively for MAC addresses, as well as arcfour. Both of these are outdated and known vulnerable. The algorithms used are also indicative of an outdated SSH version OpenSSH 6 or Dropbear 2013. It's probabl...

Hardcoded credentials

An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access...

CVE-2018-6825

An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access...

CVE-2018-6825

An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access...

CVE-2018-6825

CVE-2018-6825 : Affected product is VOBOT CLOCK devices running versions prior to 0.99.30. The vulnerability arises from an SSH server that ships with a hardcoded root-level vobot user account/password, enabling full root access. This enables remote compromise with no user interaction. According ...

The vulnerability of the process_open function in the OpenSSH cryptographic protection mechanism allows a hacker to cause a service failure.

The vulnerability of the processopen function in sftp-server.c, a component of the OpenSSH cryptographic security tool, is related to an error in the “read-only” mode of operation. Exploiting this vulnerability could allow a malicious actor to cause service failures by creating files with zero...

borgbackup -- remote users can override repository restrictions

BorgBackup reports: Incorrect implementation of access controls allows remote users to override repository restrictions in Borg servers. A user able to access a remote Borg SSH server is able to circumvent access controls post-authentication. Affected releases: 1.1.0, 1.1.1, 1.1.2. Releases 1.0.x...

CVE-2017-12084

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server...

Design/Logic Flaw

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server...

CVE-2017-12084

Circle with Disney firmware 2.0.1 has a backdoor via its remote control (rclient) functionality. CVE-2017-12084 can be triggered by a specific set of network packets to remotely start an SSH server (Dropbear) on the device, creating a persistent backdoor. Exploitation path involves the Apid remot...

CVE-2017-12084

A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker can send an API call to enable the SSH server...

Circle with Disney Rclient SSH Persistent Remote Access Vulnerability

Summary A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can remotely start an SSH server on the device, resulting in a persistent backdoor. An attacker send an API call to enable the SSH server. Tested...

P4wnP1: A Open Source USB Attack Platform

PenTestIT RSS Feed As of now, hardware security projects seem to be attracting me more than software based projects. Evidently, I wrote a few posts covering them - List of Portable Hardware Devices for Penetration Testing, List of Raspberry Pi DIY Projects for Anonymity, etc. among other awesome...