
14829 matches found

GithubExploit
added 2024/08/20 9:57 a.m., 1368 views

Exploit for Race Condition in Openbsd Openssh

CVE-2024-6387 OpenSSH Vulnerability Mitigation Script Over...

CVSS 9.3, AI score 8.9, EPSS 0.99506
Exploits: 68

Fedora
added 2024/08/20 1:32 a.m., 9 views

[SECURITY] Fedora 40 Update: putty-0.81-1.fc40

Putty is a SSH, Telnet & Rlogin client - this time for Linux...

CVSS 5.9, AI score 7, EPSS 0.05773
Exploits: 0

OpenVAS
added 2024/08/20 12:0 a.m., 9 views

Fedora: Security Advisory (FEDORA-2024-d85c1f7450)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 5.9, AI score 5.8, EPSS 0.05773
Exploits: 0, References: 5

GithubExploit
added 2024/08/19 4:45 p.m., 1445 views

Exploit for Race Condition in Openbsd Openssh

CVE-2024-6387: Race Condition in Signal Handling for OpenSSH...

CVSS 9.3, AI score 8.6, EPSS 0.99506
Exploits: 68

Tenable Nessus
added 2024/08/19 12:0 a.m., 14 views

CBL Mariner 2.0 Security Update: rust (CVE-2024-32884)

The version of rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32884 advisory. - gitoxide is a pure Rust implementation of Git. gix-transport does not check the username part of a URL for tex...

CVSS 6.4, AI score 6.8, EPSS 0.00514
Exploits: 0, References: 2

Tenable Nessus
added 2024/08/18 12:0 a.m., 22 views

Debian dsa-5750 : python-asyncssh-doc - security update

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5750 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5750-1 [email protected] https://www.debian.org/security/ Moritz...

CVSS 5.9, AI score 7, EPSS 0.94072
Exploits: 4, References: 4

The Hacker News
added 2024/08/15 5:12 a.m., 31 views

New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining

Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that's targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power. This indicates that the "IoT botnet is targeting more robust servers runni...

AI score 7.8
Exploits: 0

OSV
added 2024/08/14 9:18 p.m., 11 views

GHSA-VGVV-X7XG-6CQG Russh has an OOM Denial of Service due to allocation of untrusted amount

Summary Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. Details An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length, russh allocates enough memory...

CVSS 8.7, AI score 7.8, EPSS 0.00912
Exploits: 1, References: 4

Github Security Blog
added 2024/08/14 9:18 p.m., 21 views

Russh has an OOM Denial of Service due to allocation of untrusted amount

Summary Allocating an untrusted amount of memory allows any unauthenticated user to OOM a russh server. Details An SSH packet consists of a 4-byte big-endian length, followed by a byte stream of this length. After parsing and potentially decrypting the 4-byte length, russh allocates enough memory...

CVSS 7.5, AI score 7.8, EPSS 0.00912
Exploits: 1, References: 4, Affected Software: 1

OpenVAS
added 2024/08/13 12:0 a.m., 25 views

Debian: Security Advisory (DSA-5747-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8, AI score 7.2, EPSS 0.00301
Exploits: 0, References: 2

Cvelist
added 2024/08/12 6:32 p.m., 18 views

CVE-2024-40892 Firewalla BTLE Weak Credentials

A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy BTLE interface. Once an attacker gains access to the...

CVSS 7.1, EPSS 0.00922
Exploits: 1, References: 2

Vulnrichment
added 2024/08/12 6:32 p.m., 32 views

CVE-2024-40892 Firewalla BTLE Weak Credentials

A weak credential vulnerability exists in Firewalla Box Software versions before 1.979. This vulnerability allows a physically close attacker to use the license UUID for authentication and provision SSH credentials over the Bluetooth Low-Energy BTLE interface. Once an attacker gains access to the...

CVSS 7.1, AI score 7.2, EPSS 0.00922
Exploits: 1, References: 2

CVE
added 2024/08/12 6:32 p.m., 49 views

CVE-2024-40892

CVE-2024-40892 affects Firewalla Box software versions prior to 1.979. A physically proximate attacker can leverage the license UUID to authenticate and provision SSH credentials over BTLE, then log in via SSH once the attacker gains LAN access. License UUID can be obtained by plain-text Bluetoot...

CVSS 7.1, AI score 7, EPSS 0.00922
Exploits: 1, References: 2

NVD
added 2024/08/12 1:38 p.m., 21 views

CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVSS 8.8, EPSS 0.01369
Exploits: 0, References: 3

UbuntuCve
added 2024/08/12 1:38 p.m., 15 views

CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVSS 8.8, AI score 7.4, EPSS 0.01369
Exploits: 0, References: 2

OSV
added 2024/08/12 1:38 p.m., 0 views

UBUNTU-CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVSS 8.8, AI score 6.2, EPSS 0.01369
Exploits: 0, References: 3

Vulnrichment
added 2024/08/12 5:46 a.m., 17 views

CVE-2024-5651 Fence-agents-remediation: fence agent command line options leads to remote code execution

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVSS 8.8, AI score 9.2, EPSS 0.01369
Exploits: 0, References: 3

CVE
added 2024/08/12 5:46 a.m., 65 views

CVE-2024-5651

CVE-2024-5651 affects the Fence Agents Remediation Operator. A flaw in handling --ssh-path/--telnet-path arguments enables Remote Code Execution, allowing a low-privilege user to craft a FenceAgentsRemediation that executes arbitrary commands on the operator pod, escalating from the operator’s se...

CVSS 8.8, AI score 9.2, EPSS 0.01369
Exploits: 0, References: 3

Cvelist
added 2024/08/12 5:46 a.m., 269 views

CVE-2024-5651 Fence-agents-remediation: fence agent command line options leads to remote code execution

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVSS 8.8, EPSS 0.01369
Exploits: 0, References: 3

Debian CVE
added 2024/08/12 5:46 a.m., 13 views

CVE-2024-5651

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

CVSS 8.8, AI score 8.5, EPSS 0.01369
Exploits: 0