OpenSSH <= 3.7.1p2 Security Vulnerability

OpenSSH is susceptible to a remote denial-of-service vulnerability. This issue is due to a design flaw when servicing timeouts related to the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

OpenSSH &lt; 7.4 - &#039;UsePrivilegeSeparation Disabled&#039; Forwarded Unix Domain Sockets Privilege Escalation

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1010 This issue affects OpenSSH if privilege separation is disabled config option UsePrivilegeSeparation=no. While privilege separation is enabled by default, it is documented as a hardening option, and therefore disabling it shoul...

OpenSSH < 3.2.1 AFS/Kerberos Ticket/Token Passing Overflow

Binary data 1989.prm...

Mandrake Linux Security Advisory : openssh (MDKSA-2002:040-1)

An input validation error exists in the OpenSSH server between versions 2.3.1 and 3.3 that can result in an integer overflow and privilege escalation. This error is found in the PAMAuthenticationViaKbdInt code in versions 2.3.1 to 3.3, and the ChallengeResponseAuthentication code in versions 2.9....

Revised OpenSSH Security Advisory &#40;adv.iss&#41;

This is the 2nd revision of the Advisory. 1. Versions affected: Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. All versions between 2.3.1 and 3.3 contain a bug in the...