EulerOS Virtualization 2.11.0 : openssh (EulerOS-SA-2023-3074)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

EulerOS Virtualization 3.0.6.0 : openssh (EulerOS-SA-2023-3440)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

EulerOS Virtualization 2.11.1 : openssh (EulerOS-SA-2023-3057)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

EulerOS 2.0 SP11 : openssh (EulerOS-SA-2023-2846)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...

EulerOS 2.0 SP10 : openssh (EulerOS-SA-2023-2816)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...

EulerOS Virtualization 2.10.0 : openssh (EulerOS-SA-2023-2940)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

EulerOS 2.0 SP11 : curl (EulerOS-SA-2023-2635)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously...

Debian dsa-5600 : php-phpseclib - security update

The remote Debian 11 / 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5600 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5600-1...

EulerOS Virtualization 3.0.6.6 : openssh (EulerOS-SA-2023-3407)

According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code...

EulerOS 2.0 SP9 : openssh (EulerOS-SA-2023-2882)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...

EulerOS 2.0 SP9 : openssh (EulerOS-SA-2023-2901)

According to the versions of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an...

EulerOS Virtualization 2.11.1 : curl (EulerOS-SA-2023-2719)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability in input validation exists in curl 8.0 during communication using the TELNET protocol may allow an attacker to pass...

CVE-2024-0229

An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation if the server runs with extended privileges, or...

CVE-2024-21885

A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remo...

CVE-2024-21886

A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments...

Ubuntu 23.10 : libssh2 vulnerability (USN-6585-1)

The remote Ubuntu 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6585-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept...

Updated openssh packages fix security vulnerabilities

The updated packages fix security vulnerabilities: The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. CVE-2023-38408 Prefix Truncation Attacks in SSH...

freeSSHd 1.0.9 Denial Of Service

!/usr/bin/perl use IO::Socket; Exploit Title: freeSSHd 1.0.9 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 13 january 2024 Vendor Homepage: N/A Download to demo: Notification vendor: No reported Tested Version: freeSSHd 1.0.9 - Denial of Service DoS Tested on: Window XP...

OESA-2024-1061 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

[SECURITY] [DSA 5601-1] php-phpseclib3 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5601-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 12, 2024 https://www.debian.org/security/faq -...