PT-2023-4970

Name of the Vulnerable Software and Affected Versions ASUS RT-AX55 version 3.0.0.4.386.51598 Description The issue is related to an authenticated command injection vulnerability. This vulnerability allows a remote attacker to execute arbitrary system commands. Over 9,000 ASUS routers have been...

Prometheus API Information Gather

This module utilizes Prometheus' API calls to gather information about the server's configuration, and targets. Fields which may contain credentials, or credential file names are then pulled out and printed. Targets may have a wealth of information, this module will print the following values whe...

Amazon Linux 2023 : amazon-ssm-agent (ALAS2023-2023-339)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-339 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

Oracle Linux 7 : libssh2 (ELSA-2020-3915)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3915 advisory. - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes...

Oracle Linux 5 : openssh (ELSA-2009-1287)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2009-1287 advisory. - workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 502230 Tenable has extracted the preceding description block directly from the Oracl...

Oracle Linux 6 : kexec-tools (ELSA-2011-1532)

The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2011-1532 advisory. 2.0.0-209.0.1.el6 - Make sure '--allow-missing' is effective by adding to MKDUMPRDARGS in kdump.sysconfig, kdump.sysconfig.i386, and...

Oracle Linux 7 : cloud-init (ELSA-2020-3898)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3898 advisory. - Resolves: bz1574338 CVE-2018-10896 cloud-init: SSH host keys are not regenerated for the new instances rhel-7 - Resolves: bz1812170 CVE-2020-8632...

Oracle Linux 7 : zziplib (ELSA-2020-1178)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1178 advisory. 0.13.62-12 - Fix a directory traversal bug - unzip-mem should now strip all '../' prefixes from the archived files - Resolves: CVE-2018-17828 Tenable has...

Important: amazon-ssm-agent

Issue Overview: The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server. CVE-2021-43565 A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentification with R...

VMware Aria Operations for Networks default SSH key

Added: 09/06/2023 Background SSH Private keys are used for authentication for many devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker to gain remote, privileged access to the device. Probl...

VMware Aria Operations for Networks default SSH key

Added: 09/06/2023 Background SSH Private keys are used for authentication for many devices. Devices shipped with a default, static key are vulnerable to compromise if the public discovers the key. The private key can be re-used by an attacker to gain remote, privileged access to the device. Probl...

Medium: curl

Issue Overview: Integer overflow vulnerability in tooloperate.c in curl 7.65.2 via crafted value as the retry delay. CVE-2020-19909 libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before i...

Medium: amazon-ssm-agent

Issue Overview: A broken cryptographic algorithm flaw was found in golang.org/x/crypto/ssh. This issue causes a client to fail authentification with RSA keys to servers that reject signature algorithms based on SHA-2, enabling an attacker to crash the server, resulting in a loss of availability...

Exploit for Use of a Broken or Risky Cryptographic Algorithm in Vmware Aria_Operations_For_Networks

CVE-2023-34039 POC for CVE-2023-34039 VMWare Aria Operations f...

PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability

Proof-of-concept PoC exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks formerly vRealize Network Insight. The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been describe...

CVE-2023-39982

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle...

Hardcoded credentials

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle...

CVE-2023-39982 MXsecurity Hardcoded Credential

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle...

CVE-2023-39982 MXsecurity Hardcoded Credential

A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle...

CVE-2023-39982

MXsecurity versions prior to v1.0.1 contain a hard-coded SSH host key that may allow man-in-the-middle attacks and decryption of SSH traffic, compromising confidentiality and integrity. The issue affects the MXsecurity platform’s SSH communications on affected devices. Remediation acknowledged in...