EulerOS Virtualization 2.10.0 : openssh (EulerOS-SA-2024-1533)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...

[SECURITY] Fedora 39 Update: filezilla-3.67.0-1.fc39

FileZilla is a FTP, FTPS and SFTP client for Linux with a lot of features. - Supports FTP, FTP over SSL/TLS FTPS and SSH File Transfer Protocol SFTP - Cross-platform - Available in many languages - Supports resume and transfer of large files greater than 4GB - Easy to use Site Manager and transfe...

Oracle Database Server (Apr 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Vulnerability in the RDBMS Python component of Oracle Database Server. Supported versions that are affected are 21.3-21.13. Easily exploitab...

Fedora 39 : filezilla / libfilezilla (2024-8401d42de6)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-8401d42de6 advisory. Fix for CVE-2024-31497 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

CVE-2024-29951

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection...

CVE-2024-29951

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection...

CVE-2024-29951 Brocade SANnav has weak encryption in internal SSH ports

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection...

CVE-2024-29951 Brocade SANnav has weak encryption in internal SSH ports

Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection...

CVE-2024-29951

Brocade SANnav has CVE-2024-29951: before v2.3.1 and v2.3.0a, internal SSH ports use SHA-1 hashing, though these ports are not exposed to remote connections. The issue represents weak cryptography in internal SSH handling. Affected versions should be upgraded to SANnav 2.3.1 or later to remediate...

CVE-2024-29950

The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack...

CVE-2024-29950

CVE-2024-29950 affects Brocade SANnav prior to 2.3.1 and 2.3.0a. The FileTransfer class uses the ssh-rsa signature scheme with SHA-1, enabling a remote, unauthenticated attacker to potentially perform a man-in-the-middle attack. Public disclosures from NVD, Red Hat, and Broadcom/Brocade advisorie...

Biased ECDSA Nonce Generation

PuTTYis vulnerable to biased ECDSA nonce generation. The vulnerability is due to biased ECDSA nonce generation, allowing an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is particularly significant in scenarios where an adversary can re...

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network VPN services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from TOR exit nodes and a...

Broadcom Brocade SANnav 加密问题漏洞

Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom USA. A security vulnerability exists in versions prior to Broadcom Brocade SANnav v2.3.1, v2.3.0a, which stems from the use of SHA-1 hashes in an internal SSH port that is not open to remote connections...

PT-2024-4306 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue is related to the use of hardcoded credentials in the Brocade SANnav software. This allows a remote attacker to perform a man-in-the-middle MITM attac...

Broadcom Brocade SANnav 加密问题漏洞

Broadcom Brocade SANnav is a suite of SAN management platforms from Broadcom USA. A security vulnerability exists in Broadcom Brocade SANnav versions prior to v2.3.1, v2.3.0a, which stems from the FileTransfer class using the ssh-rsa signature scheme, which has a SHA-1 hash value, allowing an...

PT-2024-23165 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions prior to 2.3.1 Brocade SANnav version 2.3.0a Description: The issue concerns the use of the SHA-1 hash in internal SSH ports. These ports are not open to remote connection. Recommendations: For Brocade SANnav versions...

The class FileTransfer implemented uses the ssh-rsa signature scheme (CVE-2024-29950)

The class FileTransfer implemented in Brocade SANnav before v2.3.1, v2.3.0a, uses the ssh-rsa signature scheme, which has a SHA-1 hash. The vulnerability could allow a remote, unauthenticated attacker to perform a man-in-the-middle attack...

SHA-1 hash in internal SSH ports that are not open to remote connection.(CVE-2024-29951)

A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a uses the SHA-1 hash in internal SSH ports that are not open to remote connection...

jenkins -- Terrapin SSH vulnerability in Jenkins CLI client

Jenkins Security Advisory: Description Medium SECURITY-3386 / CVE-2023-48795 Terrapin SSH vulnerability in Jenkins CLI client...