EUVD-2015-6309

Malware in sbrugna...

EUVD-2012-0422

Malware in sbrugna...

EUVD-2015-6222

Malware in sbrugna...

Debian dla-3899 : python-asyncssh-doc - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3899 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3899-1 [email protected]...

New Go loader pushes Rhadamanthys stealer

Malware loaders also known as droppers or downloaders are a popular commodity in the criminal underground. Their primary function is to successfully compromise a machine and deploy one or multiple additional payloads. A good loader avoids detection and identifies victims as legitimate i.e. not...

libssh: Multiple Vulnerabilities

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

libssh: Multiple Vulnerabilities

Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description Multiple vulnerabilities have been discovered in libssh. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...

Pybatfish - Python Client For Batfish (Network Configuration Analysis Tool)

Pybatfish is a Python client for Batfish. What is Batfish? Batfish is a network validation tool that provides correctness guarantees for security, reliability, and compliance by analyzing the configuration of network devices. It builds complete models of network behavior from device configuration...

ROS-20220405-01

A vulnerability in the Python Paramiko implementation of the SSHv2 protocol, is related to the race condition in the function writeprivatekeyfile between create and chmod operations. Exploitation of the vulnerability could allow an an attacker to exploit the race condition and gain unauthorized...

Debian: Security Advisory (DLA-2860-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2860-1] paramiko security update

--------------------------------------------------------------------- Debian LTS Advisory DLA-2860-1 [email protected] https://www.debian.org/lts/security/ Utkarsh Gupta December 28, 2021 https://wiki.debian.org/LTS - ---------------------------------------------------------------------...

USN-4854-1: AsyncSSH vulnerability

Matthijs Kooijman discovered that AsyncSSH server did not properly handle authentication under certain conditions. An attacker with a specially crafted client could use this vulnerability to skip authentication of SSH sessions...

Huawei Data Communication: SSH Server Version

The SSH version 1.0 is considered as insecure and thus should not be used. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2019-1393)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.1.0 : libssh2 (EulerOS-SA-2019-1393)

According to the versions of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and...

EulerOS Virtualization 3.0.1.0 : libssh2 (EulerOS-SA-2019-1429)

According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and...

libssh authentication bypass

Added: 10/29/2018 BID: 105677 Background libssh is a C library implementing the SSHv2 protocol. Problem A vulnerability in libssh allows remote users to bypass authentication by sending a SSH2MSGUSERAUTHSUCCESS message instead of a SSH2MSGUSERAUTHREQUEST message. Resolution Upgrade to libssh 0.7....

libssh authentication bypass

Added: 10/29/2018 BID: 105677 Background libssh is a C library implementing the SSHv2 protocol. Problem A vulnerability in libssh allows remote users to bypass authentication by sending a SSH2MSGUSERAUTHSUCCESS message instead of a SSH2MSGUSERAUTHREQUEST message. Resolution Upgrade to libssh 0.7....

libssh authentication bypass

Added: 10/29/2018 BID: 105677 Background libssh is a C library implementing the SSHv2 protocol. Problem A vulnerability in libssh allows remote users to bypass authentication by sending a SSH2MSGUSERAUTHSUCCESS message instead of a SSH2MSGUSERAUTHREQUEST message. Resolution Upgrade to libssh 0.7....

libssh Authentication Bypass Makes it Trivial to Pwn Rafts of Servers

The libssh open-source project has issued an update to address an authentication bypass vulnerability in the server code — to say that it’s trivial to exploit is an understatement. The flaw CVE-2018-10933 exists in libssh versions 0.6 and above being used in server mode – and it allows anyone to...