14899 matches found
Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSH, D(HE)ater)
The remote SSH server is supporting Diffie-Hellman ephemeral DHE Key Exchange KEX algorithms and thus could be prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Gryphon Tower Information Disclosure Vulnerability
Gryphon Tower is a wireless router from Gryphon, Inc. Gryphon Tower is vulnerable to an information disclosure vulnerability stemming from the presence of an unprotected ssh private key on the device, which could be exploited by an attacker to gain root access to servers belonging to Gryphon's...
Apache Log4j Detection (Linux/Unix SSH Login)
SSH login-based detection of Apache Log4j. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribu...
Apache Log4j Detection Consolidation
Consolidation of Apache Log4j detections. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribut...
Unspecified vulnerability in tmate-ssh-server
Tmate-Ssh-Server is a Tmate Ssh server. tmate-ssh-server suffers from a security vulnerability that could be exploited by an attacker to compromise the integrity of session processing or to obtain read and write session IDs from read-only session symbolic links in this directory...
Tmate-Ssh-Server Competition Condition Issue Vulnerability
Tmate-Ssh-Server is a Tmate Ssh server. a contention condition issue vulnerability exists in Tmate-Ssh-Server, which can be exploited by attackers to compromise the integrity of session processing...
CVE-2021-20146
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services...
Design/Logic Flaw
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services...
CVE-2021-20146
CVE-2021-20146 describes an information disclosure/privilege escalation on Gryphon Tower devices due to an unprotected SSH private key, enabling potential root access to a Gryphon development server hosted on AWS. Affected component is the device’s SSH key handling; root access to connected infra...
CVE-2021-20146
An unprotected ssh private key exists on the Gryphon devices which could be used to achieve root access to a server affiliated with Gryphon's development and infrastructure. At the time of discovery, the ssh key could be used to login to the development server hosted in Amazon Web Services...
MTPutty 1.0.1.21 SSH Password Disclosure
Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...
MTPutty 1.0.1.21 - SSH Password Disclosure
Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...
Raspberry Pi OS / Raspbian Default Credentials (SSH)
The remote Raspberry Pi OS / Raspbian system is using known default credentials for the SSH login. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
MTPutty 1.0.1.21 - SSH Password Disclosure Vulnerability
Exploit Title: MTPutty 1.0.1.21 - SSH Password Disclosure Exploit Author: Sedat Ozdemir Version: 1.0.1.21 Date: 06/12/2021 Vendor Homepage: https://ttyplus.com/multi-tabbed-putty/ Tested on: Windows 10 Proof of Concept ================ Step 1: Open MTPutty and add a new SSH connection. Step 2:...
CVE-2021-43399
The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...
CVE-2021-43399
Summary of CVE-2021-43399 (YubiHSM/YubiHSM2 in yubihsm-shell) A boundary/length validation vulnerability exists in the YubiHSM2 library version 2021.08 as included in yubihsm-shell, affecting operations such as SSH signing requests and certain data operations from a YubiHSM 2 device. Multiple sou...
CVE-2021-43399
The Yubico YubiHSM YubiHSM2 library 2021.08, included in the yubihsm-shell project, does not properly validate the length of some operations including SSH signing requests, and some data operations received from a YubiHSM 2 device...
CVE-2021-44512
World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...
DEBIAN-CVE-2021-44512
World-writable permissions on the /tmp/tmate/sessions directory in tmate-ssh-server 2.3.0 allow a local attacker to compromise the integrity of session handling, or obtain the read-write session ID from a read-only session symlink in this directory...
DEBIAN-CVE-2021-44513
Insecure creation of temporary directories in tmate-ssh-server 2.3.0 allows a local attacker to compromise the integrity of session handling...