CVE-2008-0535
Unspecified vulnerability in the SSH server in (1) Cisco Service Control Engine (SCE) before 3.1.6, and (2) Icon Labs Iconfidant SSH before 2.3.8, allows remote attackers to cause a denial of service (device instability) via "SSH credentials that attempt to change the authentication method," aka Bug ID...
CVE-2008-0535
CVE-2008-0535 affects Cisco Service Control Engine (SCE) SSH server (and Icon Labs Iconfidant SSH) with multiple DoS through SSH login behavior and attempts to change authentication methods. Root cause: SSH credential handling during authentication can trigger instability, potentially causing dev...
CVE-2008-0536
CVE-2008-0536 affects Cisco Service Control Engine (SCE) 3.0.x before 3.0.7 and 3.1.x before 3.1.0, and Icon Labs Iconfidant SSH before 2.3.8. The vulnerability allows remote SSH-based denial of service (management interface outage) by triggering illegal I/O operations during management tasks (Bu...
CVE-2008-1159
Cisco IOS SSH server on 12.4-based releases contains multiple vulnerabilities (CVE-2008-1159) that allow unauthenticated remote attackers to trigger a spurious memory access error or, in some cases, reload the device, causing DoS. No exploit vectors are detailed in the provided documents; exploit...
Cisco IOS ssh DoS
Multiple vulnerabilities leading to device crash...
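Aruba Mobility Controller Authentication Bypass and Cross-Site Scripting Vulnerabilities
BUGTRAQ ID: 29240 Aruba Mobility Controller provides mobile access solutions for enterprises. The TACACS authentication component of Aruba Mobility Controllers may allow unauthorized Web UI/SSH/Telnet access, but TACACS is not the default authentication method; Aruba Mobility Controllers may provide a web-based management and captive portal interface, and supplying malformed input to this web UI can cause the input to be displayed to the user, resulting in a cross-site scripting attack. Aruba Networks Mobility Controllers 3.3.1.x Aruba Networks...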
Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit
No description provided by source. The Debian OpenSSL issue means that only 65.536 possible SSH keys are generated, because the only entropy is the PID of the process generating the key. As a result, the following Perl script can be used with the ...
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby) #!/usr/bin/ruby Debian SSH Key Tester L4teral This tool helps to find user accounts with weak SSH keys that should be regenerated with an unaffected version of openssl. You will need the precalculated keys...
Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby)
Exploit for multiple platform in category remote exploits. Debian OpenSSL Predictable PRNG Bruteforce SSH Exploit (ruby) #!/usr/bin/ruby Debian SSH Key Tester L4teral This tool...
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Ruby)
#!/usr/bin/ruby Debian SSH Key Tester L4teral This tool helps to find user accounts with weak SSH keys that should be regenerated with an unaffected version of openssl. You will need the precalculated keys provided by HD Moore. See http://metasploit.com/users/hdm/tools/debian-openssl/ for further...
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Perl)
OpenSSL 0.9.8c-1 < 0.9.8g-9 (Debian and Derivatives) - Predictable PRNG Brute Force SSH (Perl) The Debian OpenSSL issue means that only 65.536 possible SSH keys are generated, because the only entropy is the PID of the process generating the key. As a result, the following Perl script can be...
Debian OpenSSH/OpenSSL Package Random Number Generator Weakness (SSL check)
The remote x509 certificate on the remote SSL server has been generated on a Debian or Ubuntu system which contains a bug in the random number generator of its OpenSSL library. The problem is due to a Debian packager removing nearly all sources of entropy in the remote version of OpenSSL. An...
AIX 520010 : U808772
The remote host is missing AIX PTF U808772 which is related to the security of the package bos.rte.edit. You should install this PTF for your system to be up-to-date. (C) Tenable Network Security, Inc....
Debian: Security Advisory (DSA-1546-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AIX 610000 : U816213
The remote host is missing AIX PTF U816213 which is related to the security of the package bos.rte.edit. You should install this PTF for your system to be up-to-date. (C) Tenable Network Security, Inc....
FreeBSD-SA-08:05.openssh
FreeBSD-SA-08:05.openssh Security Advisory The FreeBSD Project Topic: OpenSSH X11-forwarding privilege escalation Category: contrib Module: openssh Announced: 2008-04-17...
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 8.1 / 9.0 / 9.1 / current : openssh (SSA:2008-095-01)
New openssh packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, and -current to fix a security issue. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory...
HP OpenVMS unauthorized SSH access
No description provided...
[security bulletin] HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access
SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01414022 Version: 1 HPSBOV02278 SSRT071479 rev.1 - HP OpenVMS SSH Using TCP/IP Services for OpenVMS, Remote Unauthorized Access NOTICE: The information in this Security Bulletin should be acted...
F5 BIG-IP Web Management Audit Log XSS
F5 BIG-IP Web Management Audit Log XSS Product: F5 BIG-IP http://www.f5.com/products/big-ip/ The F5 BIG-IP web management interface contains a persistent cross-site scripting vulnerability in the audit log facility. Log entries are output raw, without being HTML-encoded first. This allows an...