Lucene search
K

48 matches found

Tenable Nessus
Tenable Nessus
added 2023/12/24 12:0 a.m.44 views

Debian DSA-5588-1 : putty - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5588 advisory. - PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an...

8.1CVSS7.2AI score0.93305EPSS
Exploits4References9
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.21 views

K2773: Multiple Open SSH vulnerabilities CA-2003-24, CA-2003-26, and CA-2003-26

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

7AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2021/06/08 10:18 p.m.176 views

Security Bulletin: Vulnerabilities in SSH affect IBM DataPower Gateways (CVE-2016-10009, CVE-2016-10012)

Summary SSH vulnerabilities were disclosed by the OpenSSH Project. IBM DataPower Gateways has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-10009 DESCRIPTION: OpenSSH could allow a remote authenticated attacker to execute arbitrary code on the system, caused by the loading ...

7.8CVSS2AI score0.37431EPSS
Exploits5Affected Software1
Amazon
Amazon
added 2021/01/07 12:0 a.m.33 views

Medium: cloud-init

Issue Overview: The default cloud-init configuration included "sshdeletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one...

7.1CVSS5.2AI score0.00438EPSS
Exploits0
OSV
OSV
added 2020/01/05 3:37 p.m.13 views

MGASA-2020-0003 Updated putty packages fix security vulnerabilities

Updated putty package fixes security vulnerabilities: Two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. Vulnerability in all the SSH client tools PuTTY, Plink, PSFTP, and PSCP if a malicious program can impersonate Pageant. Crash in GSSAP...

7.5CVSS7.8AI score0.02248EPSS
Exploits0References5
OSV
OSV
added 2019/08/26 6:19 p.m.2 views

OPENSUSE-SU-2019:2017-1 Recommended update for putty

This update for putty fixes the following issues: Update to new upstream release 0.72 boo1144547, boo1144548 Fixed two separate vulnerabilities affecting the obsolete SSH-1 protocol, both available before host key checking. Fixed a vulnerability in all the SSH client tools PuTTY, Plink, PSFTP and...

7.2AI score
Exploits0References3
OSV
OSV
added 2019/01/18 3:30 p.m.14 views

SUSE-SU-2019:13931-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
OSV
OSV
added 2019/01/18 1:19 p.m.12 views

SUSE-SU-2019:0125-1 Security update for openssh

This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8CVSS6.7AI score0.58204EPSS
Exploits10References9
ThreatPost
ThreatPost
added 2013/10/22 1:35 p.m.10 views

Months Later, EAS Equipment Still Vulnerable to SSH Bugs

More than three months ago, a researcher from IOActive published details of some serious problems he’d found with equipment used to run the Emergency Alert System, which is used to send out notifications in the case of a natural disaster or other serious situation. The researcher notified the...

0.4AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2010/09/01 12:0 a.m.306 views

Multiple SSH Vulnerabilities - Cisco Systems

Four different Cisco product lines are susceptible to multiple vulnerabilities discovered in the Secure Shell SSH protocol version 1.5. These issues have been addressed, and fixes have been integrated into the Cisco products that support this protocol. By exploiting the weakness in the SSH...

7.5CVSS7.8AI score0.07032EPSS
Exploits1References5
OSV
OSV
added 2005/08/23 4:0 a.m.7 views

CVE-2005-2666

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the knownhosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likel...

6.5AI score
Exploits0References7
Check Point Advisories
Check Point Advisories
added 2005/02/01 12:0 a.m.8 views

SSH Older Versions Control (CVE-2001-0361)

...

4CVSS6.4AI score0.02501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.11 views

SSH Multiple Vulnerabilities

Binary data 1974.prm...

10CVSS7.3AI score0.80233EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.14 views

SSH Multiple Vulnerabilities

Binary data 1975.prm...

10CVSS7.3AI score0.80233EPSS
Exploits6References7
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.15 views

SSH Multiple Vulnerabilities

Binary data 1973.prm...

10CVSS7.3AI score0.80233EPSS
Exploits6References7
Positive Technologies
Positive Technologies
added 2003/09/16 12:0 a.m.13 views

PT-2003-1108 · Openssh +1 · Openssh-Server +5

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 3.7.1 OpenSSH-server versions 3.1p1 through 3.4p1 OpenSSH-askpass versions 3.1p1 through 3.4p1 OpenSSH-askpass-gnome versions 3.1p1 through 3.4p1 OpenSSH-clients versions 3.1p1 through 3.4p1 Description: The issue...

10CVSS8.8AI score0.99506EPSS
Exploits207References349
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.25 views

CVE-2001-1380

OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the /.ssh/authorizedkeys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses...

9.3AI score0.02949EPSS
Exploits0References10
securityvulns
securityvulns
added 2002/12/21 12:0 a.m.37 views

Cisco Security Advisory: Cisco Security Advisory: SSH Malformed Packet Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: SSH Malformed Packet Vulnerabilities Revision 1.0: INTERIM For Public Release 2002 December 19th 23:00 GMT - ------------------------------------------------------------------------------ Please provide your feedback on this...

0.3AI score
Exploits0
Cisco
Cisco
added 2002/12/19 11:0 p.m.111 views

SSH Malformed Packet Vulnerabilities

...

10CVSS2.1AI score0.80233EPSS
Exploits6References1Affected Software5
securityvulns
securityvulns
added 2002/12/17 12:0 a.m.47 views

CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-36 Multiple Vulnerabilities in SSH Implementations Original issue date: December 16, 2002 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Secure shell SSH protocol implementations in...

10CVSS0.3AI score0.80233EPSS
Exploits6
Rows per page
Query Builder