405 matches found
USN-6242-1: OpenSSH vulnerability | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description It was discovered that OpenSSH incorrectly handled loading certain PKCS11 providers. If a user forwarded their ssh-agent to an untrusted system, a remote attacker could possibly use this issue to load...
Important: openssh
Issue Overview: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into...
RLSA-2023:4419 Important: openssh security update
OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fixes: openssh: Remote code execution in ssh-agent PKCS11 support CVE-2023-38408 For more details...
Rocky Linux 8 : openssh (RLSA-2023:4419)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:4419 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarde...
Important: openssh
Issue Overview: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if the target user's ssh-agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into...
K000135709: OpenSSH vulnerability CVE-2023-38408
Security Advisory Description The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOT...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
AlmaLinux 8 : openssh (ALSA-2023:4419)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:4419 advisory. - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded ...
openssh security update
8.0p1-19 - Release bump 8.0p1-18 - Avoid remote code execution in ssh-agent PKCS11 support Resolves: CVE-2023-38408...
Oracle Linux 8 : openssh (ELSA-2023-4419)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4419 advisory. 8.0p1-19 - Release bump 8.0p1-18 - Avoid remote code execution in ssh-agent PKCS11 support Resolves: CVE-2023-38408 Tenable has extracted the preceding...
Oracle Linux 9 : openssh (ELSA-2023-4412)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4412 advisory. 8.7p1-30 - Avoid remote code execution in ssh-agent PKCS11 support Resolves: CVE-2023-38408 Tenable has extracted the preceding description block directly from...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
Important: Red Hat Security Advisory: openssh security update
An update for openssh is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
openssh: Remote code execution in ssh-agent PKCS#11 support
A vulnerability was found in OpenSSH. The PKCS11 feature in the ssh-agent in OpenSSH has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system the code in /usr/lib is not necessarily safe for loading into ssh-agent...
RHEL 8 : openssh (RHSA-2023:4413)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4413 advisory. OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary f...