RockyLinux 10 : openssh (RLSA-2025:20126)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:20126 advisory. openssh: OpenSSH SSHD Agent Forwarding and X11 Forwarding CVE-2025-32728 Tenable has extracted the preceding description block directly from the RockyLinux...

CVE-2025-32728

A flaw was found in OpenSSH. In affected versions of sshd, the DisableForwarding directive does not fully adhere to the intended functionality as documented. Specifically, it fails to disable X11 and agent forwarding, which may allow unintended access under certain configurations. Mitigation To...

Vulnerabilities fixed in MobaXterm

Vulnerabilities have been fixed in Mobatek MobaXterm. The vulnerability allows a malicious party to bypass authentication bypass and connect unauthenticated via the SSH or SFTP protocol. Furthermore, a malicious party can perform a denial-of-service DoS exploit on the SFTP protocol. The...

Mageia: Security Advisory (MGASA-2017-0093)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

packetStrider - A Network Packet Forensics Tool For SSH

packetStrider for SSH is a packet forensics tool that aims to provide valuable insight into the nature of SSH traffic, shining a light into the corners of SSH network traffic where golden nuggets of information previously lay in the dark. The problem that packet strider aims to help with AKA Why?...

Fedora 27 : 1:xrdp (2017-1c73749b66)

Security fixes - Fix local denial of service CVE-2017-16927 958 979 fix already in 0.9.4-2 New features - Add a new log level TRACE more verbose than DEBUG 835 944 - SSH agent forwarding via RDP 867 868 FreeRDP/FreeRDP4122 - Support horizontal wheel properly 928 Bug fixes - Avoid use of hard-code...

An ssh-agent for every domain: SSHecret

If you have an encrypted ssh key for each domain you access you should, and you keep your unlocked keys in a single ssh-agent you maybe shouldn’t, AND you’ve ever decided you need to forward your ssh-agent, then you should feel bad. If you forward an ssh-agent with all your unique keys for every...

GLSA-201706-09 : FileZilla: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-201706-09 FileZilla: Buffer overflow FileZilla is affected by the same vulnerability as reported in GLSA 201703-03 because the package included a vulnerable copy of PuTTY. Please read the GLSA for PuTTY referenced below for detail...

MGASA-2017-0093 Updated putty packages fix security vulnerability

In PuTTY before 0.68, if SSH agent forwarding is enabled, local attackers that are also able to connect to the UNIX domain socket could have overwritten heap data CVE-2017-6542...

openSUSE Security Update : putty (openSUSE-2017-354)

This update to putty 0.68 fixes the following security issue : - CVE-2017-6542: If SSH agent forwarding is enabled, local attackers that are also able to connect to the UNIX domain socket could have overwritten heap data boo1029256 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...