[SECURITY] Fedora 39 Update: ansible-core-2.16.2-1.fc39

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 39 Update: ansible-9.1.0-1.fc39

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

FreeBSD : putty -- add protocol extension against 'Terrapin attack' (91955195-9ebb-11ee-bc14-a703705db3a6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 91955195-9ebb-11ee-bc14-a703705db3a6 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

Dell NetWorker Encryption Issue Vulnerability

Dell NetWorker is an application from Dell USA Inc. Provides forum discussion features for Dell Inc. A cryptographic issue vulnerability exists in Dell NetWorker Virtual Edition 19.8 and prior versions, which stems from the use of an unrecommended encryption algorithm by the SSH component, and ca...

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current proftpd Vulnerability (SSA:2023-354-01)

The version of proftpd installed on the remote host is prior to 1.3.8b. It is, therefore, affected by a vulnerability as referenced in the SSA:2023-354-01 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

UBUNTU-CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

Ubuntu: Security Advisory (USN-6560-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Prefix Truncation Attacks in SSH Specification (Terrapin Attack)

The remote SSH server is supporting an specific encryption algorithm or MAC. Parts of their SSH specification are vulnerable to a novel prefix truncation attack a.k.a. Terrapin attack. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, a...

Fedora: Security Advisory (FEDORA-2023-3a0ce521ab)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for rdiff-backup (FEDORA-2023-0fb94a1209)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-6561-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : putty (openSUSE-SU-2023:0411-1)

The remote openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2023:0411-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...

USN-6561-1: libssh vulnerability

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...

SUSE-SU-2023:4904-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity bsc1217950...

SUSE-SU-2023:4903-1 Security update for openssh

This update for openssh fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity bsc1217950...

Prefix Truncation Attack (Terrapin Attack)

libssh is vulnerable to Terrapin attack. The vulnerability is due to mishandling of the handshake phase and sequence numbers in the SSH Binary Packet Protocol BPP with certain OpenSSH extensions. This allows an attacker to bypass integrity checks and omit packets during extension negotiation, and...

Rogue Session Attack (Terrapin)

ssh is vulnerable to Terrapin attack. The vulnerability is due to mishandling of the handshake phase and sequence numbers in the SSH Binary Packet Protocol BPP with certain OpenSSH extensions. This allows an attacker to bypass integrity checks and omit packets during extension negotiation, and...

SUSE CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

Medium: openssh

Issue Overview: AWS is aware of CVE-2023-48795, also known as Terrapin, which is found in the SSH protocol and affects SSH channel integrity. A protocol extension has been introduced by OpenSSH which needs to be applied to both the client and the server in order to address this issue. We recommen...