14899 matches found
Fedora: Security Advisory for ansible (FEDORA-2021-0e7910e389)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE-SU-2021:3621-1 Security update for SUSE Manager Server 4.1
This update fixes the following issues: grafana-formula: - Version 0.4.2 Add SSH blackbox status check panel to clients dashboard Migrate deprecated panels in clients dashboard prometheus-formula: - Version 0.3.4 Fix opening Prometheus ports on proxy - Version 0.3.3 Add Prometheus targets...
Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access
Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems. Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of...
CVE-2021-40119
A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...
Authentication flaw
A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...
CVE-2021-40119
CVE-2021-40119 affects Cisco Policy Suite. The root cause is reuse of static SSH keys across installations, enabling an unauthenticated attacker to log in as root via SSH to vulnerable devices. Cisco issued advisories and software updates; starting with Policy Suite releases 21.2.0 and later, dev...
CVE-2021-40119 Cisco Policy Suite Static SSH Keys Vulnerability
A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...
CVE-2021-40119 Cisco Policy Suite Static SSH Keys Vulnerability
A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to the re-use of static SSH keys across installations. An attacker could exploit this...
[SECURITY] Fedora 34 Update: ansible-2.9.27-1.fc34
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
[SECURITY] Fedora 33 Update: ansible-2.9.27-1.fc33
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
F5 Networks BIG-IP : libssh2 vulnerabilities (K90011301)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K90011301 advisory. CVE-2019-3856An integer overflow flaw, which could lead to an out of bounds write, was discovered in libss...
Cisco Policy Suite Static SSH Keys Vulnerability
A vulnerability in the key-based SSH authentication mechanism of Cisco Policy Suite could allow an unauthenticated, remote attacker to log in to an affected system as the root user. This vulnerability is due to a weakness in the SSH subsystem of an affected system. An attacker could exploit this...
[SECURITY] Fedora 35 Update: ansible-2.9.27-1.fc35
Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...
CVE-2021-34781
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...
Design/Logic Flaw
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...
CVE-2021-34781 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...
CVE-2021-34781 Cisco Firepower Threat Defense Software SSH Connections Denial of Service Vulnerability
A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on the affected device. This vulnerability is due to a lack of proper error...
CVE-2021-34781
The CVE-2021-34781 issue affects Cisco Firepower Threat Defense (FTD) Software in multi-Instance deployments, where improper error handling during SSH session establishment allows an unauthenticated, remote attacker to trigger resource exhaustion and a DoS condition. Exploitation involves sending...
NewStart CGSL CORE 5.05 / MAIN 5.05 : cloud-init Multiple Vulnerabilities (NS-SA-2021-0151)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cloud-init packages installed that are affected by multiple vulnerabilities: - The default cloud-init configuration, in cloud-init 0.6.2 and newer, included sshdeletekeys: 0, disabling cloud-init's deletion of ssh host keys...