52 matches found
EUVD-2003-0777
Malware in sbrugna...
EUVD-2001-1449
Malware in sbrugna...
EUVD-2001-1450
Malware in sbrugna...
CVE-2025-61985
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used...
CVE-2025-61984
ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. A configuration...
CVE-2025-32728
In sshd in OpenSSH before 10.0, the DisableForwarding directive does not adhere to the documentation stating that it disables X11 and agent forwarding...
CVE-2025-26465
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. Fo...
CVE-2025-26466
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to ...
CVE-2024-6387
A security regression CVE-2006-5051 was discovered in OpenSSH's server sshd. There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period...
K1518: Multiple SSH1 vulnerabilities - CA-2001-35
Security Advisory Description Note: Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F5...
SUSE CVE-2003-0786
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges...
AbsoluteTelnet 11.12 - SSH1/username Denial of Service Exploit
Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service PoC Discovery by: chuyreds Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe Tested Version: 11.12 Vulnerability Type: Denial of Service DoS...
AbsoluteTelnet 11.12 Denial Of Service
Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-05-02 Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe Tested Version: 11.12 Vulnerability...
AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service (PoC)
Exploit Title: AbsoluteTelnet 11.12 - 'SSH1/username' Denial of Service PoC Discovery by: chuyreds Discovery Date: 2020-05-02 Vendor Homepage: https://www.celestialsoftware.net/ Software Link : https://www.celestialsoftware.net/telnet/AbsoluteTelnet11.12.exe Tested Version: 11.12 Vulnerability...
SOL16840 - SSH vulnerability CVE-1999-1085
OpenSSH supports the use of the SSH1 protocol; however, it is not enabled in default configurations. SSH1 can only be enabled by manually editing the OpenSSH configuration file. Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles...
SecureCRT 2.4/3.x/4.0 SSH1 Identifier String Buffer Overflow Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/5287/info The SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this issue via a malicious server...
SecureCRT <= 4.0 Beta 2 SSH1 Buffer Overflow
No description provided by source. $Id: securecrtssh1.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of us...
SSH 1.2.30 Daemon Logging Failure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2345/info SSH1 is the implementation of the Secure Shell communication protocol by SSH Communications. SSH1 is version 1 of the protocol specified by IETF draft to protect the integrity of traffic over the network. A...
SecureCRT 2.4/3.x/4.0 SSH1 Identifier String Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/5287/info The SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this issue via a malicious server...
Multipurpose Sniffer: Ettercap
Ettercap is a multipurpose sniffer / interceptor/logger for switched LAN Ettercap is a free and open source network security tool for man-in-the-middle attacks on LAN . It can be used for computer network protocol analysis and security auditing. It runs on various Unix-like operating systems...