CVE-2022-3010

Summary: CVE-2022-3010 affects Priva TopControl Suite versions prior to 8.7.8.0, where an SSH credential deciphering vulnerability exists due to insecure password hashing (CWE-916). This could allow an attacker to calculate and use login credentials to access the affected components remotely. Aff...

CVE-2022-3010 Predictable SSH credentials in Priva TopControl Suite

The Priva TopControl Suite contains predictable credentials for the SSH service, based on the Serial number. Which makes it possible for an attacker to calculate the login credentials for the Priva TopControll suite...

SUSE-SU-2024:0006-1 Security update for libssh2_org

This update for libssh2org fixes the following issues: - CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity Terrapin Attack bsc1218127...

FreeBSD : FreeBSD -- Prefix Truncation Attack in the SSH protocol (13d83980-9f18-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 13d83980-9f18-11ee-8e38-002590c1f29c advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell SSH cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin CVE-2023-48795, CVSS score:...

Mageia: Security Advisory (MGASA-2023-0357)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2023:0421-1 Security update for proftpd

This update for proftpd fixes the following issues: Update to version 1.3.8a Implemented mitigations for 'Terrapin' SSH attack CVE-2023-48795. http://proftpd.org/docs/NEWS-1.3.8b...

[SECURITY] Fedora 39 Update: python-asyncssh-2.14.2-1.fc39

Python 3 library for asynchronous client and server-side SSH communication. It uses the Python asyncio module and implements many SSH protocol features such as the various channels, SFTP, SCP, forwarding, session multiplexing over a connection and more...

openSUSE 15 Security Update : proftpd (openSUSE-SU-2023:0421-1)

The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2023:0421-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity...

Fedora: Security Advisory (FEDORA-2023-e77300e4b5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated proftpd packages fix a security vulnerability

ProFTPd upstream has released version 1.3.8b to fix CVE-2023-48795. From the changelog: - Implemented mitigations for "Terrapin" SSH attack CVE-2023-48795...

MGASA-2023-0356 Updated proftpd packages fix a security vulnerability

ProFTPd upstream has released version 1.3.8b to fix CVE-2023-48795. From the changelog: - Implemented mitigations for "Terrapin" SSH attack CVE-2023-48795...

Terrapin Attack Downgrading the Fortresses of SSH

Summary: The Terrapin attack, a cryptographic exploit targeting the widely adopted SSH protocol, poses a threat to the security of over 15 million servers dispersed across the Internet. This vulnerability enables attackers to compromise the security of established connections by truncating the...

OESA-2023-1978 openssh security update

OpenSSH is the premier connectivity tool for remote login with the SSH protocol. \ It encrypts all traffic to eliminate eavesdropping, connection hijacking, and \ other attacks. In addition, OpenSSH provides a large suite of secure tunneling \ capabilities, several authentication methods, and...

[SECURITY] Fedora 39 Update: podman-tui-0.15.0-1.fc39

podman-tui is a terminal user interface for Podman v4. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

[SECURITY] Fedora 38 Update: podman-tui-0.15.0-1.fc38

podman-tui is a terminal user interface for Podman v4. podman-tui is using podman.socket service to communicate with podman environm ent and SSH to connect to remote podman machines...

Fedora: Security Advisory (FEDORA-2023-20feb865d8)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for podman-tui (FEDORA-2023-cb8c606fbb)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 39 : proftpd (2023-153404713b)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-153404713b advisory. Security fix for CVE-2023-48795 Terrapin SSH protocol attack, affecting modsftp. Tenable has extracted the preceding description block directly from...

Fedora 38 : proftpd (2023-b87ec6cf47)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b87ec6cf47 advisory. Security fix for CVE-2023-48795 Terrapin SSH protocol attack, affecting modsftp. Tenable has extracted the preceding description block directly from...