4 matches found
Palo Alto Networks Prisma SD-WAN ION 5.6.x < 5.6.19 / 6.1.x < 6.1.8 / 6.2.x / 6.3.x < 6.3.2 SSH Prefix Truncation (Terrapin) (CVE-2023-48795)
The version of the remote Palo Alto Networks Prisma SD-WAN ION device is 5.6.x prior to 5.6.19, 6.1.x prior to 6.1.8, 6.2.x, or 6.3.x prior to 6.3.2. It is, therefore, affected by an SSH prefix truncation vulnerability known as Terrapin: - The SSH transport protocol with certain OpenSSH extension...
CLSA-2024-1718791502 openssh: Fix of CVE-2023-48795
CVE-2023-48795: implement "strict key exchange" in ssh and sshd...
CLSA-2024-1718288901 libssh: Fix of CVE-2023-48795
CVE-2023-48795: implement "strict key exchange" mitigations, tests/pkd/pkddaemon.c: relax pthreadkill assert in pkdstop...
CLSA-2024-1707420378 Fix CVE(s): CVE-2023-48795
SECURITY UPDATE: it's possible to remove the initial messages on the secure channel without causing a MAC failure - debian/patches/CVE-2023-48795.patch: implement "strict key exchange" in ssh and sshd - CVE-2023-48795...