14901 matches found
Authentication flaw
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...
CVE-2021-36298
Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptographic algorithms in the SSH component. A remote unauthenticated attacker could potentially exploit this vulnerability leading to authentication bypass and remote takeover of the InsightIQ. This allows an attacker to take complete...
CVE-2021-36298
Dell EMC InsightIQ is affected (versions prior to 4.1.4). The issue is caused by risky cryptographic algorithms in the SSH component, enabling a remote unauthenticated attacker to bypass authentication and take remote control of InsightIQ, potentially impacting SSH services. Remediation: upgrade ...
Security Bulletin: Publicly disclosed vulnerability from Kernel affects IBM Netezza Host Management
Summary Kernel is used by IBM Netezza Host Management. This bulletin provides mitigation for the reported CVE. Vulnerability Details CVEID: CVE-2020-8832 DESCRIPTION: Linux Kernel could allow a local attacker to obtain sensitive information, caused by not properly clearing data structures on...
FreeBSD : libssh -- possible heap-buffer overflow vulnerability (57b1ee25-1a7c-11ec-9376-0800272221cc)
libssh security advisories : The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept and used as an input to new...
[SECURITY] Fedora 34 Update: libssh-0.9.6-1.fc34
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
[SECURITY] Fedora 35 Update: libssh-0.9.6-1.fc35
The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...
Mitrastar GPT-2541GNAC-N1 Privilege Escalation
Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Date: 10-08-2021 Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability analysis:...
Mitrastar GPT-2541GNAC-N1 - Privilege escalation Vulnerability
Exploit Title: Mitrastar GPT-2541GNAC-N1 - Privilege escalation Exploit Author: Leonardo Nicolas Servalli Vendor Homepage: www.mitrastar.com Platform: Mistrastar router devices GPT-2541GNAC-N1 HGU Tested on: Firmware BRg3.5100VNZ0b33 Vulnerability analysis:...
Teleport has an unspecified vulnerability (CNVD-2022-18316)
Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications, and databases across all environments, Teleport has a security vulnerability that could be exploit...
Teleport has an unspecified vulnerability
Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications and databases across all environments.Teleport suffers from a security vulnerability that could be...
Teleport authorization issue vulnerability
Teleport is an identity-aware, multi-protocol access agent from Teleport USA, Inc. Used by engineers and security professionals to unify access to SSH servers, Kubernetes clusters, web applications, and databases across all environments, Teleport suffers from an authorization issue vulnerability...
Easier URI Targeting With Metasploit Framework
Over the past year and a half, Metasploit Framework’s core engineering team in Belfast has made significant improvements to usability, discoverability, and the general quality of life for the global community of Framework users. A few of the enhancements we’ve worked on in MSF 6 include: A handy...
Updated libssh packages fix security vulnerability
A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept...
CVE-2021-1419
A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...
Input validation
A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...
CVE-2021-1419 Cisco Access Points SSH Management Privilege Escalation Vulnerability
A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...
CVE-2021-1419
CVE-2021-1419 affects Cisco Access Points (APs) SSH management interface, where improper checking of file operations allows a local, authenticated user to modify files and potentially gain root privileges. The root cause is input/file operation validation within the SSH management feature. Affect...
CVE-2021-1419 Cisco Access Points SSH Management Privilege Escalation Vulnerability
A vulnerability in the SSH management feature of multiple Cisco Access Points APs platforms could allow a local, authenticated user to modify files on the affected device and possibly gain escalated privileges. The vulnerability is due to improper checking on file operations within the SSH...
SSH SHA-1 HMAC Algorithms Enabled
The remote SSH server is configured to enable SHA-1 HMAC algorithms. Although NIST has formally deprecated use of SHA-1 for digital signatures, SHA-1 is still considered secure for HMAC as the security of HMAC does not rely on the underlying hash function being resistant to collisions. Note that...