Debian DSA-5588-1 : putty - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5588 advisory. - PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response. This makes it easier for an...

Fedora: Security Advisory (FEDORA-2023-0733306be9)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OESA-2023-1970 python-twisted security update

Twisted is an event-based framework for internet applications, supporting Python 2.7 and Python 3.5+. It includes modules for many different purposes, including the following: Security Fixes: twisted is an event-driven networking engine written in Python. In affected versions twisted exposes...

OESA-2023-1957 libgit2 security update

libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language which supports C bindings. Security Fixes: libgit2 is a cross-platform, linkable library...

[SECURITY] Fedora 39 Update: libssh-0.10.6-1.fc39

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

SSH Attack Surface (CVE-2023-48795): Find and Patch With CyberSecurity Asset Management Before the Grinch Arrives

Secure Shell Protocol SSH has been a cornerstone of cryptography and security since it was developed in early 1995. Organizations rely on SSH for secure communications within several popular software products. The recent Terrapin Attack highlights the importance of maintaining full visibility of...

Dell NetWorker Virtual Edition Weak SSH Cryptography (DSA-2023-358)

The version of Dell NetWorker Virtual Edition installed on the remote Linux host is prior to 19.7, 19.7.0.x prior to 19.7.0.6, 19.7.1, 19.8.x prior to 19.8.0.4 or 19.9.x prior to 19.9.0.3. It is, therefore, affected by vulnerability in the SSH component. Due to use of deprecated cryptographic...

Apache Guacamole Integer Overflow Vulnerability

Apache Guacamole is a clientless remote desktop gateway from the Apache USA Foundation. The product supports protocols such as VNC, RDP and SSH. An integer overflow vulnerability exists in Apache Guacamole 1.5.3 and earlier versions, which can be exploited by an attacker to execute arbitrary code...

SUSE SLES12 Security Update : openssh (SUSE-SU-2023:4903-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4903-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

Slackware: Security Advisory (SSA:2023-354-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the ssh-agent agent in the OpenSSH encryption protection mechanism allows attackers to disclose the protected information.

The vulnerability of the ssh-agent agent in the OpenSSH encryption protection mechanism is related to key management errors. Exploiting this vulnerability can allow attackers to disclose the protected information...

SUSE: Security Advisory (SUSE-SU-2023:4902-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:4903-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 Security Update : openssh (SUSE-SU-2023:4904-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4904-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

FreeBSD : nebula -- security fix for terrapin vulnerability (0f7598cc-9fe2-11ee-b47f-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 0f7598cc-9fe2-11ee-b47f-901b0e9408dc advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

SUSE SLES12 Security Update : libssh2_org (SUSE-SU-2023:4946-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4946-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

[slackware-security] proftpd

New proftpd packages are available for Slackware 14.0, 14.1, 14.2, 15.0, and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/proftpd-1.3.8b-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: modsftp: implemented mitigation...

SUSE CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

[SECURITY] Fedora 39 Update: ansible-core-2.16.2-1.fc39

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 39 Update: ansible-9.1.0-1.fc39

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...