2 matches found
USN-8090-2 openssh vulnerabilities
USN-8090-1 fixed vulnerabilities in OpenSSH. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: Jeremy Brown discovered that the OpenSSH GSSAPI Key Exchange incorrectly handled disconnecting clients. In non-default configurations where the...
Improper Neutralization of Null Byte or NUL Character
Overview Affected versions of this package are vulnerable to Improper Neutralization of Null Byte or NUL Character via the handling of URIs in ssh://. An attacker can inject shell expressions into command-line constructor by supplying URIs containing \0 characters. This is only exploitable if URI...