48 matches found
Debian DSA-5588-1 : putty - security update
The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5588 advisory. - PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an...
K2773: Multiple Open SSH vulnerabilities CA-2003-24, CA-2003-26, and CA-2003-26
Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...
Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012)
Summary SSH vulnerabilities were disclosed by the OpenSSH Project. IBM DataPower Gateways has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-10009 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading ...
Medium: cloud-init
Issue Overview: The default cloud-init configuration included "sshdeletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one...
MGASA-2020-0003 Updated putty packages fix security vulnerabilities
Updated putty package fixes security vulnerabilities: Two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. Vulnerability in all the SSH client tools PuTTY, Plink, PSFTP, and PSCP if a malicious program can impersonate Pageant. Crash in GSSAP...
OPENSUSE-SU-2019:2017-1 Recommended update for putty
This update for putty fixes the following issues: Update to new upstream release 0.72 boo1144547, boo1144548 Fixed two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. Fixed a vulnerability in all the SSH client tools PuTTY, Plink, PSFTP and...
SUSE-SU-2019:13931-1 Security update for openssh
This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...
SUSE-SU-2019:0125-1 Security update for openssh
This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...
Months Later, EAS Equipment Still Vulnerable to SSH Bugs
More than three months ago, a researcher from IOActive published details of some serious problems he’d found with equipment used to run the Emergency Alert System, which is used to send out notifications in the case of a natural disaster or other serious situation. The researcher notified the...
Multiple SSH Vulnerabilities - Cisco Systems
Four different Cisco product lines are susceptible to multiple vulnerabilities discovered in the Secure Shell SSH protocol version 1.5. These issues have been addressed, and fixes have been integrated into the Cisco products that support this protocol. By exploiting the weakness in the SSH...
CVE-2005-2666
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the knownhosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likel...
SSH Older Versions Control (CVE-2001-0361)
...
SSH Multiple Vulnerabilities
Binary data 1974.prm...
SSH Multiple Vulnerabilities
Binary data 1975.prm...
SSH Multiple Vulnerabilities
Binary data 1973.prm...
PT-2003-1108 · Openssh +1 · Openssh-Server +5
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 3.7.1 OpenSSH-server versions 3.1p1 through 3.4p1 OpenSSH-askpass versions 3.1p1 through 3.4p1 OpenSSH-askpass-gnome versions 3.1p1 through 3.4p1 OpenSSH-clients versions 3.1p1 through 3.4p1 Description: The issue...
CVE-2001-1380
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the /.ssh/authorizedkeys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses...
Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: SSH Malformed Packet Vulnerabilities Revision 1.0: INTERIM For Public Release 2002 December 19th 23:00 GMT - ------------------------------------------------------------------------------ Please provide your feedback on this...
SSH Malformed Packet Vulnerabilities
...
CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Secure shell SSH protocol implementations in...