116 matches found
FritzFrog P2P Botnet Attacking Healthcare, Education and Government Sectors
A peer-to-peer Golang botnet has resurfaced after more than a year to compromise servers belonging to entities in the healthcare, education, and government sectors within a span of a month, infecting a total of 1,500 hosts. Dubbed FritzFrog, "the decentralized botnet targets any device that expos...
PT-2022-15855 · Jenkins · Jenkins Publish Over Ssh Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Publish Over SSH Plugin versions 1.22 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read access to connect to an attacker-specified SSH server using attacker-specified credentials...
SUSE: Security Advisory (SUSE-SU-2022:0040-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 8 : container-tools:ol8 (ELSA-2021-1796)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-1796 advisory. - address CVE-2019-19921 by updating to rc10 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. No...
CVE-2020-15387
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications...
Design/Logic Flaw
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications...
CVE-2020-15387
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications...
CVE-2020-15387
The CVE-2020-15387 entry concerns Brocade Fabric OS hosts whose SSH servers (and SANnav) used keys
SUSE: Security Advisory (SUSE-SU-2019:13931-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in OpenSSH affects IBM Integrated Analytics System
Summary Redhat provided OpenSSH is used by IBM Integrated Analytics System. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2020-14145 DESCRIPTION: OpenSSH is vulnerable to a man-in-the-middle attack, caused by an observable discrepancy flaw. An attacker...
CVE-2020-29652
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers...
FritzFrog Botnet Attacks Millions of SSH Servers
A peer-to-peer P2 botnet called FritzFrog has hopped onto the scene, and researchers said it has been actively breaching SSH servers since January. SSH servers are pieces of software found in routers and IoT devices, among other machines, and they use the secure shell protocol to accept connectio...
A New Fileless P2P Botnet Malware Targeting SSH Servers Worldwide
Cybersecurity researchers today took the wraps off a sophisticated, multi-functional peer-to-peer P2P botnet written in Golang that has been actively targeting SSH servers since January 2020. Called "FritzFrog," the modular, multi-threaded and file-less botnet has breached more than 500 servers t...
SCANdalous! (External Detection Using Network Scan Data and Automation)
Real Quick In case you’re thrown by that fantastic title, our lawyers made us change the name of this project so we wouldn’t get sued. SCANdalous—a.k.a. Scannah Montana a.k.a. Scanny McScanface a.k.a. “Scan I Kick It? Yes You Scan”—had another name before today that, for legal reasons, we’re...
New Kaiji Botnet Targets IoT, Linux Devices
A new botnet has been infecting internet of things IoT devices and Linux-based servers, to then leverage them in distributed denial-of-service DDoS attacks. The malware, dubbed Kaiji, has been written from scratch, which researchers say is “rare in the IoT botnet landscape” today. Kaiji, which wa...
Go SSH servers 0.0.2 - Denial of Service (PoC)
Exploit Title: Go SSH servers 0.0.2 - Denial of Service PoC Author: Mark Adams Date: 2020-02-21 Link: https://github.com/mark-adams/exploits/blob/master/CVE-2020-9283/poc.py CVE: CVE-2020-9283 Running this script may crash the remote SSH server if it is vulnerable. The GitHub repository contains ...
EulerOS 2.0 SP2 : openssh (EulerOS-SA-2019-2483)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filenam...
Amazon Linux AMI : openssh (ALAS-2019-1313)
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server or Man-in-The-Middle attacker can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transferred. This...
NewStart CGSL MAIN 4.05 : openssh-latest Vulnerability (NS-SA-2019-0157)
The remote NewStart CGSL host, running version MAIN 4.05, has openssh-latest packages installed that are affected by a vulnerability: - In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact i...
Amazon Linux 2 : openssh (ALAS-2019-1216)
An issue was discovered in OpenSSH. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are prevented. A...