14901 matches found
CVE-2021-3634
A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept...
CVE-2021-1592
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...
CVE-2021-1592
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...
Design/Logic Flaw
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...
CVE-2021-1592 Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...
CVE-2021-1592
Cisco UCS Manager SSH sessions DoS (CVE-2021-1592) is caused by improper resource management for established SSH sessions. An authenticated, remote attacker can open many SSH sessions to crash and restart Cisco UCS Manager software processes, causing temporary loss of access to the CLI and web UI...
CVE-2021-1592 Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...
Cisco UCS Manager Software SSH Sessions Denial of Service Vulnerability
A vulnerability in the way Cisco UCS Manager software handles SSH sessions could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper resource management for established SSH sessions. An attacker could...
Command injection
Network Attached Storage on LG N1T1 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter...
Debian DLA-2748-1 : tnef - LTS security update
The remote Debian 9 host has a package installed that is affected by a vulnerability as referenced in the dla-2748 advisory. - In tnef before 1.4.18, an attacker may be able to write to the victim's .ssh/authorizedkeys file via an e-mail message with a crafted winmail.dat application/ms-tnef...
CVE-2021-39615
D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...
Hardcoded credentials
UNSUPPORTED WHEN ASSIGNED D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain acce...
CVE-2021-39615
The D-Link DSR-500N is affected by CVE-2021-39615 in version 1.02, where hard-coded credentials for undocumented accounts in /etc/passwd allow an attacker to log in via SSH or Telnet and gain access to the embedded Linux OS. The issue is fixed in firmware version 2.12/2. This vulnerability is not...
CVE-2021-39615
D-Link DSR-500N version 1.02 contains hard-coded credentials for undocumented user accounts in the '/etc/passwd' file.If an attacker succeeds in recovering the cleartext password of the identified hash value, he will be able to log in via SSH or Telnet and thus gain access to the underlying...
Unix Software Discovery Command Checks
Nessus plugins run OS commands locally on the target host to discover and characterize software that is not managed by the target operating system. This plugin runs those commands over SSH to determine whether there is any problem that might prevent the successful discovery of unmanaged software...
The vulnerability of the SSH server on the ROSA KOBALT operating system lies in the use of weak encryption algorithms such as RC4 and Blowfish. This allows attackers to circumvent cryptographic security measures.
The vulnerability of the SSH server on the ROS KOBALT operating system is related to the use of weak encryption algorithms such as RC4 and Blowfish. Exploiting this vulnerability allows a remote attacker to circumvent the cryptographic security measures...
SSH Cisco Wireless LAN Controller (WLC) Enumeration
The remote device is a Cisco Wireless LAN Controller WLC. TRUSTED...
ReverseSSH - Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such
A statically-linkedssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges, CTFs or similar. Has been developed and was extensively used during OSCP exam preparation. Get the latest Release Features Catching a reverse shell with...
Moderate: Red Hat Security Advisory: cloud-init security update
An update for cloud-init is now available for Red Hat Enterprise Linux 8.1 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
CVE-2020-9283
A denial of service vulnerability was found in the SSH package of the golang.org/x/crypto library. An attacker could exploit this flaw by supplying crafted SSH ed25519 keys to cause a crash in applications that use this package as either an SSH client or server...