SUSE SLES15 / openSUSE 15 Security Update : hawk2 (SUSE-SU-2024:0076-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0076-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVE...

CVE-2023-42829

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases...

CVE-2023-42829

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases...

Design/Logic Flaw

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases...

CVE-2023-42829

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases...

CVE-2023-42829

The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7.9, macOS Monterey 12.6.8, macOS Ventura 13.5. An app may be able to access SSH passphrases...

CVE-2023-42829

CVE-2023-42829 affects macOS: Big Sur 11.7.9, Monterey 12.6.8, and Ventura 13.5. The vulnerability arises from insufficient restrictions on observability of app states, allowing an app to access SSH passphrases. Apple’s fix implements additional restrictions on observability to mitigate the issue...

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining

A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. "The capabilities of the new botnet, NoaBot, include a wormable self-spreader and an SSH key backdoor to download and execute additional binaries or spread itself...

CVE-2023-48251

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

CVE-2023-48251

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

Hardcoded credentials

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

CVE-2023-48251

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

CVE-2023-48251

The vulnerability allows a remote attacker to authenticate to the SSH service with root privileges through a hidden hard-coded account...

CVE-2023-48251

CVE-2023-48251 describes a remote SSH authentication vulnerability allowing root login via a hidden hard-coded account. Reported impact includes high-severity outcomes (confidentiality, integrity, availability) with CVSS v3.1 scores: up to 9.8 (NVD) and 8.1 (PSIRT/Bosch). Documented target famili...

[SECURITY] Fedora 38 Update: libssh-0.10.6-2.fc38

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

Fedora 39 : putty (2024-d946b9ad25)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d946b9ad25 advisory. Security fix for CVE-2023-48795. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 38 : putty (2024-71c2c6526c)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-71c2c6526c advisory. Security fix for CVE-2023-48795. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

Fedora 38 : python-paramiko (2024-39a8c72ea9)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-39a8c72ea9 advisory. Terrapin fix Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue...

Impact of Terrapin SSH Attack

The Terrapin attack allows an attacker with the ability to intercept SSH traffic on affected Palo Alto Networks products through machine-in-the-middle or MitM attacks to downgrade connection security and force the usage of less secure client authentication algorithms when an administrator or user...

Fedora 38 : libssh (2023-55800423a8)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-55800423a8 advisory. Fix regression in IPv6 hosntames parsing ---- New upstream release fixing CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Tenable has extracted the...