VMWare Aria Operations for Networks (vRealize Network Insight) SSH Private Key Exposure

VMWare Aria Operations for Networks vRealize Network Insight versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" root user. Module Options msf...

VMWare Aria Operations For Networks SSH Private Key Exposure Exploit

VMWare Aria Operations for Networks vRealize Network Insight versions 6.0.0 through 6.10.0 do not randomize the SSH keys on virtual machine initialization. Since the key is easily retrievable, an attacker can use it to gain unauthorized remote access as the "support" root user. This module requir...

VMWare Aria Operations For Networks SSH Private Key Exposure

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/ssh' require 'net/ssh/commandstream' class MetasploitModule 'VMWare Aria Operations for Networks vRealize Network Insight SSH Private Key Exposure',...

Important: amazon-ssm-agent

Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentification with R...

Code injection

sbt is a build tool for Scala, Java, and others. Given a specially crafted zip or JAR file, IO.unzip allows writing of arbitrary file. This would have potential to overwrite /root/.ssh/authorizedkeys. Within sbt's main code, IO.unzip is used in pullRemoteCache task and Resolvers.remote; however...

CVE-2023-46322

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period...

CVE-2023-46322

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period...

Code injection

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period...

PT-2023-25318 · Cassia · Cassia Access Controller

Name of the Vulnerable Software and Affected Versions: Cassia Access Controller version 2.1.1.2303271039 Description: An issue was discovered in the Cassia Access Controller where the Web SSH terminal endpoint, also known as the spawned console, can be accessed without proper authentication. The...

Ubuntu 16.04 ESM : libssh2 vulnerabilities (USN-5308-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5308-1 advisory. It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote,...

CVE-2023-46322

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period...

CVE-2023-46322

iTermSessionLauncher.m in iTerm2 before 3.5.0beta12 does not sanitize ssh hostnames in URLs. The hostname's initial character may be non-alphanumeric. The hostname's other characters may be outside the set of alphanumeric characters, dash, and period...

CVE-2023-46322

iTerm2 (macOS) before 3.5.0beta12 contains an issue in the iTermSessionLauncher.m component where SSH hostnames in URLs are not sanitized. The hostname’s first character may be non‑alphanumeric and other characters may fall outside the allowed alphanumeric, dash, and period set, enabling potentia...

Fedora: Security Advisory for ansible-core (FEDORA-2023-cdc7db366e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: ansible-core-2.14.11-1.fc38

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 37 Update: ansible-core-2.14.11-1.fc37

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

SUSE: Security Advisory (SUSE-SU-2023:4127-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: amazon-ssm-agent

Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 http2/hpack: avoid quadratic complexity in hpack decoding CVE-2022-41723 Templates did not properly consider backticks as Javascript...

Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware

CVE202320198Detector This script can identify if Cisco IOS...

Slackware: Security Advisory (SSA:2023-290-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...