840 matches found
Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation
The remote host is running Dropbear prior to version 0.43. There is a flaw in this version of Dropbear that could enable a remote attacker to gain control of the system from a remote location. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(14234); script_version("1.21");...
Dropbear SSH Server Username Remote Format String
The remote host is running Dropbear SSH. There is a format string vulnerability in all versions of the Dropbear SSH server up to and including version 0.34. An attacker may use this flaw to execute arbitrary code on the remote host. (C) Tenable Network Security, Inc. include("compat.inc");...
Dropbear SSH Server format string bug
Format string bug on syslog call;...
[UNIX] Dropbear SSH Server Format String Vulnerability
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com...
SSH1 SSH Daemon Logging Failure
The remote host is running SSH Communications Security SSH 1.2.30 or older. The remote version of this software does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute-force attack. This script was written by Xue Yong Zhi See t...
Cisco Security Advisory: SSH Malformed Packet Vulnerabilities
Cisco Security Advisory: SSH Malformed Packet Vulnerabilities. Revision 1.0: INTERIM. For Public Release 2002 December 19th 23:00 GMT. Please provide your feedback on this...
SSH Multiple Remote Vulnerabilities
According to its banner, the remote SSH server is affected by one or more of the following vulnerabilities: CVE-2002-1357 (incorrect length); CVE-2002-1358 (lists with empty elements/empty strings); CVE-2002-1359 (large packets and large fields); CVE-2002-1360 (string fields with zeros). The impact ...
PT-2002-1085
Name of the Vulnerable Software and Affected Versions: OpenSSH versions through 8.7. Description: The issue allows remote attackers to test whether a certain combination of username and public key is known to an SSH server. This occurs because a challenge is sent only when that combination could be...
SSH 3 AllowedAuthentications Remote Bypass
The remote host is running a version of SSH that is older than 3.1.2 and newer or equal to 3.0.0. There is a vulnerability in this release that may, under some circumstances, allow users to authenticate using a password whereas it is not explicitly listed as a valid authentication mechanism. An...
RemotelyAnywhere SSH Detection
The RemotelyAnywhere SSH server is running on this system. According to NAVCIRT, attackers target this management tool. (C) Tenable Network Security, Inc. Script audit and contributions from Carmichael Security, Erik Anderson (nb: domain no longer exists). Broken link deleted. include("compat.inc");...
Secure Computing SafeWord uses vulnerable ssh server
Secure Computing's SafeWord PremierAccess product (earlier known as SafeWord Plus) is an access control system capable of using several different authentication mechanisms for controlling access to network resources. The most used mechanism is one time passwords, generated by hardware or software...
CVE-1999-1029
SSH server sshd2 before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs...
CVE-1999-1029
SSHD2 before 2.0.12 does not log login attempts if the connection is closed early, enabling a remote attacker to guess passwords without audit entries; affected software: SSHD2 prior to 2.0.12.
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy...
sshd.locked-accts.txt
NAME: sshd-restricted-users-incorrect-configuration; AUTHOR: Marc SCHAEFER Andreas Trottmann; THANKS: OpenBSD security team; VERSION: $Id: sshd-restricted-users-incorrect-configuration,v 1.2 2000/01/25 10:27:56 schaefer Exp $; ABSTRACT: In some cases where a system must be configured so that specific user...
RSA Security RSAREF 2.0 - Local Buffer Overflow
Source: https://www.securityfocus.com/bid/843/info. A buffer overflow vulnerability exists in the RSAREF cryptographic library which may possibly make any software using the library vulnerable. The vulnerability exists in four functions in the rsa.c...
SSH Server Type and Version Information
It is possible to obtain information about the remote SSH server by sending an empty authentication request. TRUSTED...
CVE-1999-0547
An SSH server allows authentication through the .rhosts file...