MGASA-2015-0107 Updated libssh2 packages fix CVE-2015-1782

Updated libssh2 packages fix security vulnerability: Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in th...

Updated libssh2 packages fix CVE-2015-1782

Updated libssh2 packages fix security vulnerability: Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in th...

[SECURITY] [DSA 3182-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3182-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...

DSA-3182-1 libssh2 - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3182-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

IpSwitch WS_FTP Server with SSH 6.1.0.0 - Remote Buffer Overflow PoC

No description provided by source. IpSwitch WSFTPSERVER with SSH remote Buffer Overflow Website:http://www.wsftp.com/products/wsftpserver/ Version:6.1.0.0 last one,others might be vuln too Bug: Remote Buffer Overflow CD 8e8.a78: Access violation - code c0000005 first chance First chance exception...

ProSSHD 1.2 - Remote Post-Auth Exploit (ASLR and DEP bypass)

No description provided by source. Exploit Title: ProSSHD 1.2 remote post-auth exploit w/ASLR and DEP bypass Date: 03.05.2010 Author: Alexey Sintsov Software Link: http://www.exploit-db.com/application/11618 Version: 1.2 Tested on: Windows XP SP3 / Windows 7 CVE : Code : Original exploit by S2 Cr...

OpenSSH 3.x Challenge-Response Buffer Overflow Vulnerabilities (2)

No description provided by source. source: http://www.securityfocus.com/bid/5093/info The OpenSSH team has reported two vulnerabilities in OpenSSH that are remotely exploitable and may allow for unauthenticated attackers to obtain root privileges. The conditions are related to the OpenSSH SSH2...

freeSSHd 1.2.1 - Remote Stack Overflow PoC (auth)

No description provided by source. FreeSSHD remote Buffer Overflow Website: http://freesshd.com/ Version:1.2.1 Bug: Remote Buffer Overflow CD First chance exceptions are reported before any exception handling. This exception may be expected and handled. eax=00000001 ebx=00000000 ecx=41414141...

openSUSE Security Update : proftpd (openSUSE-SU-2013:1563-1)

proftpd was updated to 1.3.4d. - Fixed broken build when using --disable-ipv6 configure option - Fixed modsql 'SQLAuthType Backend' MySQL issues - fix for bnc843444 CVE-2013-4359 - http://bugs.proftpd.org/showbug.cgi?id=3973 - add proftpd-sftp-kbdint-max-responses-bug3973.patch - Improve systemd...

Multiple SSH2 Products Response Buffer Overflow - Ver2 (CVE-2002-1359)

A buffer overflow vulnerability has been reported in multiple SSH2 servers and clients. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Multiple SSH2 Products Response Buffer Overflow - Ver2 (CVE-2002-1359)

A buffer overflow vulnerability has been reported in multiple SSH2 servers and clients. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

mRemote 1.50 Update Spoofing

waraxe-2013-SA100 - Update Spoofing Vulnerability in mRemote 1.50 =============================================================================== Author: Janek Vind "waraxe" Date: 29. March 2013 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-100.html Description of vulnerable softwar...

Sysax SSH Username Remote Code Execution

Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...

Sysax SSH Username Remote Code Execution

Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...

Sysax SSH Username Remote Code Execution

Added: 03/06/2012 BID: 52190 OSVDB: 79689 Background Sysax Multi Server is a Secure FTP Server and SSH2 Secure Shell Server combined into a single product. It simultaneously supports remote access and file transfer using FTP, FTPS, SFTP, Telnet, and Secure Shell. It also supports web based file...

Mandriva Update for php MDVA-2012:004 (php)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

MDVA-2012:004 : php

This is a maintenance and bugfix release that upgrades php to the latest 5.3.9 version which resolves numerous upstream bugs in php. php-mysqlnd packages are now also being provided with this advisory. The libmbfl packages has been upgraded to reflect the changes as of php-5.3.9. The php-ssh2...

Xlight FTP Server SFTP/SSH2连接拒绝服务漏洞

Xlight FTP Server是Windows平台下的一款高性能FTP服务器软件。 Xlight SFTP/SSH2虚拟服务器在限制首个打开文件的用户访问文件时存在拒绝服务漏洞，可导致向其他用户无法下载文件。 XLight FTP Server 3.x 厂商补丁： XLight FTP Server ----------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.xlightftpd.com/index.htm...