17 matches found
CVE-2026-24902
TrustTunnel is an open-source VPN protocol with a server-side request forgery and and private network restriction bypass in versions prior to 0.9.114. In tcpforwarder.rs, SSRF protection for allowprivatenetworkconnections = false was only applied in the TcpDestination::HostNamepeer path. The...
EUVD-2010-0987
Malware in sbrugna...
Disable the TCP Forwarding Function of SSH
Setting AllowTcpForwarding to no disables the SSH client from performing TCP port forwarding. TCP port forwarding is a function of transmitting data between a local host and a remote host through an SSH tunnel. By disabling this function, you can restrict the data transmission and access scope of...
Disable the TCP Forwarding Function of SSH
Setting AllowTcpForwarding to no disables the SSH client from performing TCP port forwarding. TCP port forwarding is a function of transmitting data between a local host and a remote host through an SSH tunnel. By disabling this function, you can restrict the data transmission and access scope of...
BSA-2017-269
Security Advisory ID : BSA-2017-269 Component : OpenSSH Revision : 1.0: Interim The default configuration forOpenSSHenablesAllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such asAnonCVS. Affected Products...
[SECURITY] Fedora 14 Update: syslog-ng-3.1.4-4.fc14
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new...
Command injection
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT...
CVE-2010-0962
The CVE-2010-0962 case concerns the FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule firmware 7.5. The root cause is that the FTP proxy does not restrict the IP address and port specified in a PORT command, allowing a client to trigger forwarding to an intranet FTP ser...
CVE-2010-0962
The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 does not restrict the IP address and port specified in a PORT command from a client, which allows remote attackers to leverage intranet FTP servers for arbitrary TCP forwarding via a crafted PORT...
Fedora Update for syslog-ng FEDORA-2008-0559
Check for the Version of syslog-ng OpenVAS Vulnerability Test Fedora Update for syslog-ng FEDORA-2008-0559 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...
[SECURITY] Fedora 8 Update: syslog-ng-2.0.10-1.fc8
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new...
[SECURITY] Fedora 10 Update: syslog-ng-2.0.10-1.fc10
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new...
[SECURITY] Fedora 9 Update: syslog-ng-2.0.10-1.fc9
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new...
[SECURITY] Fedora 8 Update: syslog-ng-2.0.7-1.fc8
syslog-ng, as the name shows, is a syslogd replacement, but with new functionality for the new generation. The original syslogd allows messages only to be sorted based on priority/facility pairs; syslog-ng adds the possibility to filter based on message contents using regular expressions. The new...
CVE-2004-1653
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS...
Weak SSH default ocnfiguration
TCP forwarding is allowed by default, it creates security problem for anonymous SSH access for example with CVS...
PT-2004-2559 · Openssh +1 · Openssh +1
Name of the Vulnerable Software and Affected Versions: OpenSSH affected versions not specified Description: The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program suc...