14901 matches found
Exploit for OS Command Injection in Saltstack Salt
CVE-2020-16846-Saltstack-Salt-API Vulnerability Explained: An...
Dell EMC IsilonSD Management Server Encryption Issue Vulnerability
DELL Dell EMC IsilonSD Management Server is a management server for EMC IsilonSD storage from Dell USA. Dell EMC IsilonSD Management Server is vulnerable to a cryptographic issue that arises from the use of a corrupted or risky encryption algorithm in the SSH component. A remote attacker could...
SSH Host Keys < 2048 Bits Considered Weak
Brute force setting must be enabled to use this plugin. The remote SSH server has a host key size that is smaller than 2048 bits. NIST Special Publication 800-57 Part 3 Recommendation for Key Management recommends RSA keys greater or equal to 2048 bits in length. TRUSTED...
SSH Weak Key Exchange Algorithms Enabled
The remote SSH server is configured to allow key exchange algorithms which are considered weak. This is based on the IETF draft document Key Exchange KEX Method Updates and Recommendations for Secure Shell SSH RFC9142. Section 4 lists guidance on key exchange algorithms that SHOULD NOT and MUST N...
Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root (Telnet/SSH)
Exploit Title: Cypress Solutions CTM-200/CTM-ONE - Hard-coded Credentials Remote Root Telnet/SSH Date: 21.09.2021 Exploit Author: LiquidWorm Vendor Homepage: https://www.cypress.bc.ca !/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor:...
GitHub Revoked Insecure SSH Keys Generated by a Popular git Client
Code hosting platform GitHub has revoked weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys. As an added precautionary measure, the Microsoft-owned company also said...
Zoom Client / Desktop / Workplace Detection (Linux/Unix SSH Login)
SSH login-based detection of the Zoom Client / Desktop / Workplace. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Path traversal
keypair is a a RSA PEM key generator written in javascript. keypair implements a lot of cryptographic primitives on its own or by borrowing from other libraries where possible, including node-forge. An issue was discovered where this library was generating identical RSA keys used in SSH. This wou...
NetSarang Xshell has an unspecified vulnerability
NetSarang Xshell is an ssh client from NetSarang. NetSarang Xshell 7.0.0.76 previously contained a security vulnerability that could be exploited by an attacker to cause a crash by triggering a quick change in the title bar...
Cypress Solutions CTM-200/CTM-ONE Hard-Coded Credentials Remote Root
!/usr/bin/env python3 Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root Telnet/SSH Vendor: Cypress Solutions Inc. Product web page: https://www.cypress.bc.ca Affected version: CTM-ONE 1.3.6-latest CTM-ONE 1.3.1 CTM-ONE 1.1.9 CTM200 2.7.1.5659-latest CTM200 2.0.5.3356-184 Summar...
Cypress Solutions CTM-200/CTM-ONE Hard-coded Credentials Remote Root (Telnet/SSH)
Summary CTM-200 is the industrial cellular wireless gateway for fixed and mobile applications. The CTM-200 is a Linux based platform powered by ARM Cortex-A8 800 MHz superscalar processor. Its on-board standard features make the CTM-200 ideal for mobile fleet applications or fixed site office and...
Photon OS 2.0: Linux PHSA-2021-2.0-0399
An update of the linux package has been released. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-2.0-0399. The text itself is copyright C VMware, Inc...
Fedora: Security Advisory for libssh (FEDORA-2021-f2a020a065)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: libssh-0.9.6-1.fc33
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
Fedora: Security Advisory for openssh (FEDORA-2021-f8df0f8563)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for openssh (FEDORA-2021-1f7339271d)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for libssh (FEDORA-2021-288925ac19)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for libssh (FEDORA-2021-ec797b6a96)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-36298
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...
CVE-2021-36298
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...