Lucene search
K

126 matches found

Cvelist
Cvelist
added 2015/07/04 10:0 a.m.22 views

CVE-2015-4196

Platform Software before 4.4.5 in Cisco Unified Communications Domain Manager CDM 8.x has a hardcoded password for a privileged account, which allows remote attackers to obtain root access by leveraging knowledge of this password and entering it in an SSH session, aka Bug ID CSCuq45546...

6.8AI score0.01948EPSS
Exploits0References2
securityvulns
securityvulns
added 2015/03/15 12:0 a.m.48 views

[SECURITY] [DSA 3182-1] libssh2 security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...

6.8CVSS1.7AI score0.03501EPSS
Exploits0
Kitploit
Kitploit
added 2014/12/16 1:45 a.m.20 views

PuttyRider - Hijack Putty sessions in order to sniff conversation and inject Linux commands

PuttyRider injects a DLL into a running putty.exe process in order to sniff all communication and inject Linux commands on the remote server. This can be useful in an internal penetration test when you already have access to a sysadmin’s machine who has a Putty session open to a Linux server. You...

7.9AI score
Exploits0References1
NVD
NVD
added 2014/10/08 1:55 a.m.25 views

CVE-2014-7299

Unspecified vulnerability in administrative interfaces in ArubaOS 6.3.1.11, 6.3.1.11-FIPS, 6.4.2.1, and 6.4.2.1-FIPS on Aruba controllers allows remote attackers to bypass authentication, and obtain potentially sensitive information or add guest accounts, via an SSH session...

7.5CVSS6.4AI score0.02104EPSS
Exploits1References1
Cvelist
Cvelist
added 2014/10/08 1:0 a.m.33 views

CVE-2014-7299

Unspecified vulnerability in administrative interfaces in ArubaOS 6.3.1.11, 6.3.1.11-FIPS, 6.4.2.1, and 6.4.2.1-FIPS on Aruba controllers allows remote attackers to bypass authentication, and obtain potentially sensitive information or add guest accounts, via an SSH session...

6.4AI score0.02104EPSS
Exploits1References1
Exploit DB
Exploit DB
added 2014/08/29 12:0 a.m.50 views

F5 Big-IP - rsync Access

When configured in a high availability mode, the F5 solution suffers from an unauthenticated rsync access vulnerability that can be leveraged to upload a malicious SSH key and gain remote root access to the appliance. The BigIP platform configures an rsync daemon listening on the ConfigSync...

7.4AI score
Exploits0
NVD
NVD
added 2014/06/14 11:18 a.m.12 views

CVE-2014-0960

IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine...

6.6CVSS6.1AI score0.00584EPSS
Exploits0References3
Prion
Prion
added 2014/06/14 11:18 a.m.9 views

Design/Logic Flaw

IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine...

6.6CVSS6.6AI score0.00584EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2014/06/14 10:0 a.m.19 views

CVE-2014-0960

IBM PureApplication System 1.0 before 1.0.0.4 cfix8 and 1.1 before 1.1.0.4 IF1 allows remote authenticated users to bypass intended access restrictions by establishing an SSH session from a deployed virtual machine...

6.1AI score0.00584EPSS
Exploits0References3
NVD
NVD
added 2014/05/26 12:25 a.m.23 views

CVE-2014-2200

Cisco NX-OS 5.0 before 5.05 on Nexus 7000 devices, when local authentication and multiple VDCs are enabled, allows remote authenticated users to gain privileges within an unintended VDC via an SSH session to a management interface, aka Bug ID CSCti11629...

7.1CVSS6.5AI score0.01351EPSS
Exploits0References1
NVD
NVD
added 2014/04/23 11:52 a.m.18 views

CVE-2012-4638

Cisco IOS before 15.11SY allows local users to cause a denial of service device reload by establishing an outbound SSH session, aka Bug ID CSCto00318...

4.9CVSS6.2AI score0.00293EPSS
Exploits0References1
NVD
NVD
added 2014/04/23 11:52 a.m.17 views

CVE-2012-5014

Cisco IOS before 15.12SY allows remote authenticated users to cause a denial of service device crash by establishing an SSH session from a client and then placing this client into a 1 slow or 2 idle state, aka Bug ID CSCto87436...

6.3CVSS6.3AI score0.01313EPSS
Exploits0References1
Cvelist
Cvelist
added 2014/04/23 10:0 a.m.28 views

CVE-2012-4638

Cisco IOS before 15.11SY allows local users to cause a denial of service device reload by establishing an outbound SSH session, aka Bug ID CSCto00318...

6.2AI score0.00293EPSS
Exploits0References1
Prion
Prion
added 2014/02/22 9:55 p.m.20 views

Hardcoded credentials

Cisco UCS Director formerly Cloupia before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...

9.3CVSS7.3AI score0.01844EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2014/02/22 9:0 p.m.26 views

CVE-2014-0709

Cisco UCS Director formerly Cloupia before 4.0.0.3 has a hardcoded password for the root account, which makes it easier for remote attackers to obtain administrative access via an SSH session to the CLI interface, aka Bug ID CSCui73930...

6.8AI score0.01844EPSS
Exploits1References1
OSV
OSV
added 2013/09/16 7:14 p.m.2 views

DEBIAN-CVE-2013-4259

runner/connectionplugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/...

1.9CVSS6.5AI score0.00339EPSS
Exploits0References1
OSV
OSV
added 2013/09/16 7:14 p.m.7 views

CVE-2013-4259

runner/connectionplugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/...

5.9AI score
Exploits0References4
UbuntuCve
UbuntuCve
added 2013/09/16 7:14 p.m.26 views

CVE-2013-4259

runner/connectionplugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/...

1.9CVSS7.1AI score0.00339EPSS
Exploits0References2
PyPA
PyPA
added 2013/09/16 7:14 p.m.6 views

PYSEC-2013-1

runner/connectionplugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/...

1.9CVSS6.5AI score0.00339EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2013/06/30 7:27 p.m.12 views

CVE-2013-2342

The HP StoreOnce D2D backup system with software before 3.0.0 has a default password of badg3r5 for the HPSupport account, which allows remote attackers to obtain administrative access and delete data via an SSH session...

7.7CVSS6.8AI score0.0082EPSS
Exploits0References2
Rows per page
Query Builder