262 matches found
UBUNTU-CVE-2019-3863
A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send multiple keyboard interactive response messages whose total length is greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing...
PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws
The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity security vulnerabilities. PuTTY is one of the most popular and widely used open-source client-side programs that allows users to remotely access computers over...
openSUSE Security Update : openssh (openSUSE-2019-93)
This update for openssh fixes the following issues: Security issue fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers t...
SUSE-SU-2019:0126-1 Security update for openssh
This update for openssh fixes the following issues: Security issues fixed: - CVE-2018-20685: Fixed an issue where scp client allows remote SSH servers to bypass intended access restrictions bsc1121571 - CVE-2019-6109: Fixed an issue where the scp client would allow malicious remote SSH servers to...
Bitvise SSH Server 6.x < 6.51, 7.x < 7.41 DoS Vulnerability
Bitvise SSH Server is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Bitvise SSH Client Detection (Windows SMB Login)
SMB login-based detection of the Bitvise SSH Client. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Bitvise SSH Client Installed
Binary data bitvisesshclientinstalled.nbin...
Bitvise SSH Client 6.x / 7.x < 7.41 Denial of Service (DoS) Vulnerability
The version of Bitvise SSH Client installed on the remote Windows host is 6.x or 7.x prior to 7.41. It is, therefore, affected by a denial of service vulnerability. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid110289; scriptversion"1.2";...
MGASA-2018-0204 Updated python-paramiko packages fix security vulnerability
A flaw was found in the implementation of transport.py in Paramiko, which did not properly check whether authentication was completed before processing other requests. A customized SSH client could simply skip the authentication step (CVE-2018-7750). This flaw is a user authentication bypass in the...
PYSEC-2017-39
Salt-api in SaltStack Salt before 2015.8.13, 2016.3.x before 2016.3.5, and 2016.11.x before 2016.11.2 allows arbitrary command execution on a salt-master via Salt's sshclient...
CVE-2017-3204
The Go SSH library x/crypto/ssh by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism...
PT-2021-5495 · Saltstack +3 · Saltstack Salt +3
Name of the Vulnerable Software and Affected Versions: SaltStack Salt versions prior to 3002.5 Description: The issue is related to errors in processing input data in the ssh client of the salt-api in SaltStack Salt. This can allow a remote attacker to execute arbitrary commands with elevated...
Axessh 4.2.2 Denial Of Service
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ============ www.labf.com Product: ============= Axessh 4.2.2 Axessh is a SSH client. It is a superb terminal...
Axessh 4.2 - Denial of Service
Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AXESSH-DENIAL-OF-SERVICE.txt + ISR: ApparitionSec Vendor: ============ www.labf.com Product: ============= Axessh 4.2.2 Axessh is a SSH client. It is a superb terminal...
JuiceSSH - SSH Client - Customized SSL, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application JuiceSSH - SSH Client published at the 'play' market has multiple vulnerabilities...
[SECURITY] Fedora 23 Update: dropbear-2016.74-1.fc23
Dropbear is a relatively small SSH server and client. It's particularly useful for "embedded"-type Linux or other Unix systems, such as wireless routers...
OpenSSH vulnerabilities
OpenSSH contains two vulnerabilities (CVE-2016-0777 and CVE-2016-0778) affecting the SSH client roaming feature when connecting to a malicious server. Exploitation of this issue can leak portions of memory from the SSH client process. Ref 90508...
SA126 : OpenSSH Vulnerabilities January/April 2016
SUMMARY Blue Coat products that include a vulnerable version of OpenSSH are susceptible to two vulnerabilities. A malicious user with local shell access can escalate their privileges and execute arbitrary code with root privileges. A remote attacker acting as an SSH server can establish trusted X...
SideDoor - Debian/Ubuntu Backdoor Using A Reverse SSH Tunnel
sidedoor maintains a reverse tunnel to provide a backdoor. sidedoor can be used to remotely control a device behind a NAT. sidedoor is packaged for Debian-based systems with systemd or upstart. It has been used on Debian 8 (jessie) and Ubuntu 14.04 LTS (trusty). The sidedoor user has full root access...
[SECURITY] [DLA 387-1] openssh security update
Package: openssh Version: 5.5p1-6+squeeze8 CVE ID: CVE-2016-0777 CVE-2016-0778 Debian Bug: 810984 The Qualys Security team discovered two vulnerabilities in the roaming code of the OpenSSH client (an implementation of the SSH protocol suite). SSH roaming enables a client, in case an SSH...