838 matches found
CVE-2021-27450
GE MU320E firmware prior to v04A00.1 contains an SSH server configuration weakness (inadequate encryption strength) due to not following best practices in the SSH server config. This could contribute to misconfigurations or enable broader attacks on the device. Affected firmware lines up to v04A0...
GE MU320E Insufficient Encryption Strength Vulnerability
The MU320E is a process interface unit from GE with integrated analog and digital merge interfaces. An insufficient cryptographic strength vulnerability exists in the firmware prior to GE MU320E 04A00.1. The vulnerability stems from some aspects of the SSH server configuration file not being...
USN-4854-1 python-asyncssh vulnerability
Matthijs Kooijman discovered that AsyncSSH server did not properly handle authentication under certain conditions. An attacker with a specially crafted client could use this vulnerability to skip authentication of SSH sessions...
NewStart CGSL CORE 5.04 / MAIN 5.04 : libssh2 Vulnerability (NS-SA-2021-0026)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libssh2 packages installed that are affected by a vulnerability: - In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...
EulerOS Virtualization for ARM 64 3.0.2.0 : libssh2 (EulerOS-SA-2021-1384)
According to the version of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A...
OESA-2021-1069 python-paramiko security update
Paramiko is a combination of the Esperanto words for "paranoid" and "friend". It is a module for Python 2.7/3.4+ that implements the SSH2 protocol for secure encrypted and authenticated connections to remote machines. Security Fixes: Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5,...
SSB - A Faster And Simpler Way To Bruteforce SSH Server
Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server. Installation from Binary Download a pre-built binary from releases page, unpack and run! Or: ▶ sudo curl -sSfL 'https://git.io/kitabisa-ssb' | sh -s -- -b /usr/local/bin from Source Need go1.14+ compiler installed and...
EulerOS 2.0 SP9 : python-paramiko (EulerOS-SA-2021-1253)
According to the version of the python-paramiko packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH server that ca...
EulerOS 2.0 SP9 : python-paramiko (EulerOS-SA-2021-1272)
According to the version of the python-paramiko packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control vulnerability in SSH server that ca...
Secret Backdoor Account Found in Several Zyxel Firewall, VPN Products
Zyxel has released a patch to address a critical vulnerability in its firmware concerning a hardcoded, undocumented secret account that could be abused by an attacker to login with administrative privileges and compromise its networking devices. The flaw, tracked as CVE-2020-29583 (CVSS score 7.8),...
Default credentials
Firmware version 4.60 of Zyxel USG devices contains an undocumented account zyfwp with an unchangeable password. The password for this account can be found in cleartext in the firmware. This account can be used by someone to login to the ssh server or web interface with admin privileges...
CVE-2020-29652
A null pointer dereference vulnerability was found in golang. When using the library's ssh server without specifying an option for GSSAPIWithMICConfig, it is possible for an attacker to craft an ssh client connection using the gssapi-with-mic authentication method and cause the server to panic...
SSF Service
The SSF service is running on the target host.
F5 Networks BIG-IP : F5 SSH server key size vulnerability (K43404629)
The version of F5 Networks BIG-IP installed on the remote host is prior to 12.1.5.2 / 13.1.3.6 / 14.1.2.4 / 15.0.1.4 / 15.1.0.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K43404629 advisory. The BIG-IP and BIG-IQ host OpenSSH servers use keys less than 2048 bits...
Security Bulletin: ssh Server used in IBM WebSphere Application Server in IBM Cloud Supports Weak Key Exchange Algorithms
Summary The sshd server provided with IBM WebSphere Application Server in IBM Cloud supports weak KEX and HostKey algorithms. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- WASaaS|...
Security Bulletin: Legacy Components of IBM Netcool Configuration Manager have been updated.
Summary An out-of-date component, Maverick legacy SSH Server, has been replaced in IBM Netcool Configuration Manager 6.4.2 Fix Pack 11. This bulletin contains information on how to upgrade IBM Netcool Configuration Manager. Vulnerability Details Third Party Entry: PSIRT-ADV0022743 DESCRIPTION:...
Dropbear: Multiple vulnerabilities
Background Dropbear is an SSH server and client designed with a small memory footprint. Description Multiple vulnerabilities have been discovered in Dropbear. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaroun...
PuTTY -- Release 0.74 fixes two security vulnerabilities
Simon Tatham reports: Release 0.74 fixes the following security issues: New configuration option to disable PuTTY's default policy of changing its host key algorithm preferences to prefer keys it already knows. There is a theoretical information leak in this policy. CVE-2020-14002 In some...
EulerOS Virtualization for ARM 64 3.0.6.0 : python-paramiko (EulerOS-SA-2020-1703)
According to the version of the python-paramiko package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains an Incorrect Access Control...
Cisco IOS XE Software Secure Shell DoS (cisco-sa-ssh-dos-Un22sd2A)
According to its self-reported version, Cisco IOS XE Software is affected by a vulnerability in the Secure Shell (SSH) server code due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An authenticated, remote attacker can exploit...