[SECURITY] [DSA 923-1] New dropbear packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 923-1 [email protected] http://www.debian.org/security/ Martin Schulze December 19th, 2005 http://www.debian.org/security/faq -...

Dropbear SSH Server < 0.47.0 svr_ses.childpidsize Remote Overflow

Binary data 3331.prm...

SSH Tectia Server Host Authentication Authorization Bypass Vulnerability

You are running a version of Tectia SSH server that is older than 5.0.1. Versions older than 5.0.1 are vulnerable to a flaw in which an attacker may bypass the authentication routine. However, the ssh server must be configured to use Host-Based authentication only. C Tenable Network Security, Inc...

SecureCRT SSH1 protocol version string overflow

The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operation systems. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

CVE-2004-2486

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access...

CVE-2004-2486

The CVE-2004-2486 entry concerns Dropbear SSH Server before version 0.43, where the DSS verification code frees uninitialized variables. This memory handling issue could allow remote attackers to gain access. The available connected documents consistently identify the affected component (Dropbear...

CVE-2004-2486

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access...

USN-209-1: SSH server vulnerability

An information disclosure vulnerability has been found in the SSH server. When the GSSAPIAuthentication option was enabled, the SSH server could send GSSAPI credentials even to users who attempted to log in with a method other than GSSAPI. This could inadvertently expose these credentials to an...

openssh security update

CentOS Errata and Security Advisory CESA-2005:550 Updated openssh packages that fix a potential security vulnerability and various other bugs are now available. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell...

CVE-2005-2770

The issue CVE-2005-2770 affects AttachmateWRQ Reflection for Secure IT Server before 6.0 Build 24. The vulnerability stems from a Renamed Account Remote Login flaw where valid public keys continue to allow Administrator or Guest logins after those accounts have been renamed or disabled post-authe...

Tectia SSH Server < 4.3.2 Local Key Disclosure

Binary data 3043.prm...

Cisco Security Advisory: Vulnerabilities in Cisco IOS Secure Shell Server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: ======================= Vulnerabilities in Cisco IOS Secure Shell Server ================================================ Revision 1.0 For Public Release 2005 April 06 1600 UTC GMT -...

LSH lshd parse_kexinit() Function Malformed Key Exchange Message Remote DoS

The remote host is running Lysator's LSH, a version of Secure Shell SSH that is available for Unix-like platforms. This version of LSH is reportedly vulnerable to a denial of service attack. An attacker can exploit this issue by sending a malformed key exchange message. C Tenable Network Security...

PuTTY < 0.57 SFTP Remote Buffer Overflow

Binary data 2637.prm...

CVE-2004-2486

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access...

CVE-2004-2486

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access...

SSH Server Detection

Binary data 1967.prm...

Dropbear SSH Server Format String (deprecated)

Binary data 1993.prm...

Dropbear SSH Server DSS Verification Failure Remote Privilege Escalation

The remote host is running Dropbear prior to version 0.43. There is a flaw in this version of Dropbear that could enable a remote attacker to gain control of the system from a remote location. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid14234; scriptversion"1.21";...

Dropbear SSH Server Username Remote Format String

The remote host is runnning Dropbear SSH. There is a format string vulnerability in all versions of the Dropbear SSH server up to and including version 0.34. An attacker may use this flaw to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc";...