262 matches found

OSV
added 2019/03/25 6:29 p.m., 1 view

UBUNTU-CVE-2019-3863

A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing...

8.8 CVSS, 6.9 AI score, 0.03437 EPSS
Exploits 0, References 5
The Hacker News
added 2019/03/20 9:35 a.m., 123 views

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over...

8.8 AI score
Exploits 0
Tenable Nessus
added 2019/01/30 12:0 a.m., 76 views

openSUSE Security Update : openssh (openSUSE-2019-93)

This update for openssh fixes the following issues : Security issue fixed : - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers t...

6.8 CVSS, 7.1 AI score, 0.58204 EPSS
Exploits 10, References 8
OSV
added 2019/01/18 1:19 p.m., 12 views

SUSE-SU-2019:0126-1 Security update for openssh

This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...

6.8 CVSS, 6.7 AI score, 0.58204 EPSS
Exploits 10, References 9
OpenVAS
added 2018/06/04 12:0 a.m., 73 views

Bitvise SSH Server 6.x < 6.51, 7.x < 7.41 DoS Vulnerability

Bitvise SSH Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.2 AI score
Exploits 0, References 1
OpenVAS
added 2018/06/04 12:0 a.m., 56 views

Bitvise SSH Client Detection (Windows SMB Login)

SMB login-based detection of the Bitvise SSH Client. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3 AI score
Exploits 0
Tenable Nessus
added 2018/06/01 12:0 a.m., 23 views

Bitvise SSH Client Installed

Binary data bitvisesshclientinstalled.nbin...

7.3 AI score
Exploits 0, References 1
Tenable Nessus
added 2018/06/01 12:0 a.m., 191 views

Bitvise SSH Client 6.x / 7.x < 7.41 Denial of Service (DoS) Vulnerability

The version of Bitvise SSH Client installed on the remote Windows host is 6.x or 7.x prior to 7.41. It is, therefore, affected by a denial of service vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid110289; scriptversion"1.2";...

5.6 AI score
Exploits 0, References 1
OSV
added 2018/04/15 1:33 p.m., 8 views

MGASA-2018-0204 Updated python-paramiko packages fix security vulnerability

A flaw was found in the implementation of transport.py in Paramiko, which did not properly check whether authentication was completed before processing other requests. A customized SSH client could simply skip the authentication step (CVE-2018-7750). This flaw is a user authentication bypass in the...

9.8 CVSS, 9.5 AI score, 0.27065 EPSS
Exploits 10, References 3
PyPA
added 2017/09/26 2:29 p.m., 7 views

PYSEC-2017-39

Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's sshclient...

9 CVSS, 7.4 AI score, 0.03205 EPSS
Exploits 0, References 4, Affected Software 1
UbuntuCve
added 2017/04/04 2:59 p.m., 15 views

CVE-2017-3204

The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...

8.1 CVSS, 6.8 AI score, 0.03156 EPSS
Exploits 0, References 3
Positive Technologies
added 2016/11/21 12:0 a.m., 10 views

PT-2021-5495 · Saltstack +3 · Saltstack Salt +3

Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to errors in processing input data in the ssh client of the salt-api in SaltStack Salt. This can allow a remote attacker to execute arbitrary commands with elevated...

10 CVSS, 8 AI score, 0.99585 EPSS
Exploits 40, References 206
Packet Storm
added 2016/11/03 12:0 a.m., 35 views

Axessh 4.2.2 Denial Of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ============ www.labf.com Product: ============= Axessh 4.2.2 Axessh is a SSH client. It is a superb terminal...

7.4 AI score
Exploits 0
Exploit DB
added 2016/11/03 12:0 a.m., 25 views

Axessh 4.2 - Denial of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ============ www.labf.com Product: ============= Axessh 4.2.2 Axessh is a SSH client. It is a superb terminal...

7.4 AI score
Exploits 0
hackapp
added 2016/08/16 2:35 p.m., 116 views

JuiceSSH - SSH Client - Customized SSL, Exported components, External URLs vulnerabilities

HackApp vulnerability scanner discovered that application JuiceSSH - SSH Client published at the 'play' market has multiple vulnerabilities...

0.2 AI score
Exploits 0, References 1, Affected Software 1
Fedora
added 2016/08/01 6:54 p.m., 11 views

[SECURITY] Fedora 23 Update: dropbear-2016.74-1.fc23

Dropbear is a relatively small SSH server and client. It's particularly useful for "embedded"-type Linux or other Unix systems, such as wireless routers...

2.9 AI score
Exploits 0
Palo Alto Networks
added 2016/07/12 12:0 a.m., 98 views

OpenSSH vulnerabilities

OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. Ref 90508...

4.6 CVSS, 2.3 AI score, 0.63468 EPSS
Exploits 3, Affected Software 1
Symantec
added 2016/06/14 8:0 a.m., 75 views

SA126 : OpenSSH Vulnerabilities January/April 2016

SUMMARY Blue Coat products that include a vulnerable version of OpenSSH are susceptible to two vulnerabilities. A malicious user with local shell access can escalate their privileges and execute arbitrary code with root privileges. A remote attacker acting as an SSH server can establish trusted X...

7.5 CVSS, 2.6 AI score, 0.13736 EPSS
Exploits 0, Affected Software 16
Kitploit
added 2016/02/10 10:12 p.m., 26 views

SideDoor - Debian/Ubuntu Backdoor Using A Reverse SSH Tunnel

sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. sidedoor is packaged for Debian-based systems with systemd or upstart. It has been used on Debian 8 (jessie) and Ubuntu 14.04 LTS (trusty). The sidedoor user has full root access...

7.5 AI score
Exploits 0, References 1
Debian
added 2016/01/14 6:49 p.m., 54 views

[SECURITY] [DLA 387-1] openssh security update

Package : openssh Version : 5.5p1-6+squeeze8 CVE ID : CVE-2016-0777 CVE-2016-0778 Debian Bug : 810984 The Qualys Security team discovered two vulnerabilities in the roaming code of the OpenSSH client (an implementation of the SSH protocol suite). SSH roaming enables a client, in case an SSH...

8.1 CVSS, 8 AI score, 0.63468 EPSS
Exploits 3