405 matches found

Debian CVE
added 2023/12/18 12:0 a.m., 80 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

CVSS 5.5, AI score 6.9, EPSS 0.00015
Exploits 0

Cvelist
added 2023/12/18 12:0 a.m., 55 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

AI score 6.3, EPSS 0.00015
Exploits 0, References 7

AlpineLinux
added 2023/12/18 12:0 a.m., 37 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

CVSS 5.5, AI score 7, EPSS 0.00015
Exploits 0

Positive Technologies
added 2023/12/18 12:0 a.m., 7 views

PT-2023-7885

Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 9.6. Description: The issue is related to errors in key management in the ssh-agent tool of OpenSSH. It allows an attacker to disclose protected information by exploiting certain destination constraints that are not ful...

CVSS 6.5, AI score 6.9, EPSS 0.52998
Exploits 11, References 60

CVE
added 2023/12/18 12:0 a.m., 1290 views

CVE-2023-51384

OpenSSH CVE-2023-51384 affects ssh-agent before 9.6: when adding PKCS#11-hosted private keys with destination constraints, constraints are only applied to the first key even if the token returns multiple keys. This can lead to incorrect constraint handling and potential disclosure of sensitive ma...

CVSS 5.5, AI score 5.8, EPSS 0.00015
Exploits 0, References 10, Affected Software 1

OpenVAS
added 2023/12/15 12:0 a.m., 34 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-3440)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.9, EPSS 0.64352
Exploits 10, References 2

OpenVAS
added 2023/12/14 12:0 a.m., 42 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-3407)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 9.8, EPSS 0.64352
Exploits 10, References 2

Tenable Nessus
added 2023/11/04 12:0 a.m., 88 views

Nutanix AOS : (NXSA-AOS-6.7.0.6)

The version of AOS installed on the remote host is prior to 6.7.0.6. It is, therefore, affected by a vulnerability as referenced in the NXSA-AOS-6.7.0.6 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

CVSS 9.8, AI score 7.9, EPSS 0.64352
Exploits 13, References 2

OpenVAS
added 2023/11/01 12:0 a.m., 38 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-3088)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.9, EPSS 0.64352
Exploits 10, References 2

OpenVAS
added 2023/10/10 12:0 a.m., 54 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-2921)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.9, EPSS 0.64352
Exploits 10, References 2

OpenVAS
added 2023/10/09 12:0 a.m., 34 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-2901)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.9, EPSS 0.64352
Exploits 10, References 2

OpenVAS
added 2023/10/09 12:0 a.m., 35 views

Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2023-2882)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.9, EPSS 0.64352
Exploits 10, References 2

Redos
added 2023/09/12 12:0 a.m., 65 views

ROS-20230911-06

Vulnerability of ssh-agent of OpenSSH cryptographic protection tool is related to memory usage after it has been freed. Exploitation of the vulnerability could allow an attacker, acting remotely, to affect the confidentiality, integrity, and availability of protected information...

CVSS 9.8, AI score 6.9, EPSS 0.00171
Exploits 0

Tenable Nessus
added 2023/08/31 12:0 a.m., 36 views

FreeBSD : FreeBSD -- Potential remote code execution via ssh-agent forwarding (291d0953-47c1-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 291d0953-47c1-11ee-8e38-002590c1f29c advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path...

CVSS 9.8, AI score 8, EPSS 0.64352
Exploits 10, References 2

Tenable Nessus
added 2023/08/23 12:0 a.m., 114 views

Amazon Linux AMI : openssh (ALAS-2023-1802)

The version of openssh installed on the remote host is prior to 7.4p1-22.80. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1802 advisory. The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

CVSS 9.8, AI score 8, EPSS 0.64352
Exploits 13, References 4

Amazon
added 2023/08/22 12:0 a.m., 73 views

Important: openssh

Issue Overview: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into...

CVSS 9.8, AI score 8, EPSS 0.64352
Exploits 13

Tenable Nessus
added 2023/08/15 12:0 a.m., 86 views

Oracle Linux 6 : openssh (ELSA-2023-4428)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-4428 advisory. - Fix for CVE-2016-6210 incomplete fix (Orabug: 29375502, CVE-2016-6210). Tenable has extracted the preceding description block directly from the Oracle Lin...

CVSS 9.8, AI score 7.2, EPSS 0.90046
Exploits 22, References 3

Tenable Nessus
added 2023/08/15 12:0 a.m., 34 views

Oracle Linux 7 : openssh (ELSA-2023-12711)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-12711 advisory. 7.4p1-23.0.1fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug:...

CVSS 9.8, AI score 8.2, EPSS 0.64352
Exploits 10, References 2

Tenable Nessus
added 2023/08/14 12:0 a.m., 85 views

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2023-273)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-273 advisory. The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an...

CVSS 9.8, AI score 8, EPSS 0.64352
Exploits 13, References 4

Oracle linux
added 2023/08/10 12:0 a.m., 538 views

openssh security update

7.4p1-23.0.1fips - Change Epoch from 1 to 10 - Enable fips KDF POST Orabug: 32461750 - Disable diffie-hellman-group-exchange-sha256 KEX FIPS method Orabug: 32461739 7.4p1-23.0.1 - enlarge format buffer size for certificate serial number so the log message can record any 64-bit integer without...

CVSS 9.8, AI score 8, EPSS 0.64352
Exploits 10