Lucene search
K

20 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2015-5352

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The x11openhelper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X...

4.3CVSS6.8AI score0.05445EPSS
Exploits0References2
OSV
OSV
added 2017/08/24 8:29 p.m.1 views

DEBIAN-CVE-2015-8308

LXDM before 0.5.2 did not start X server with -auth, which allows local users to bypass authentication with X connections...

7.8CVSS6.8AI score0.00389EPSS
Exploits0References1
OSV
OSV
added 2015/08/18 1:34 p.m.8 views

USN-2710-2 openssh regression

USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem. Original advisory details: Moritz Jodeit discovered that OpenSSH incorrectly handled...

6AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/08/17 12:0 a.m.112 views

Ubuntu 14.04 LTS : OpenSSH vulnerabilities (USN-2710-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2710-1 advisory. Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the...

8.5CVSS7.2AI score0.09302EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2015/08/15 12:0 a.m.49 views

Ubuntu: Security Advisory (USN-2710-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.5CVSS6.5AI score0.09302EPSS
Exploits1References2
OSV
OSV
added 2015/08/03 1:59 a.m.8 views

CVE-2015-5352

The x11openhelper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time...

4.2AI score
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2014/04/16 12:0 a.m.53 views

AIX OpenSSH Advisory : ssh_advisory.asc

The version of OpenSSH running on the remote host is affected by the following vulnerabilities : - OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, ...

6.9CVSS7.6AI score0.02223EPSS
Exploits4References4
OpenVAS
OpenVAS
added 2012/09/10 12:0 a.m.32 views

Slackware: Security Advisory (SSA:2008-095-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.9CVSS6.5AI score0.00346EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2011/10/04 12:0 a.m.30 views

OpenSSH < 1.2.3 xauth Session Highjacking

According to its banner, the remote host is running a version of OpenSSH earlier than 1.2.3. Such versions are affected by a session highjacking vulnerability. By default, ssh clients negotiate to forward X connections by using the xauth program to place cookies in the authorization cache of the...

5.1CVSS7.6AI score0.00972EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2010/04/19 12:0 a.m.28 views

OpenSSH X Connections Session Hijacking Vulnerability

OpenSSH is prone to a vulnerability that allows attackers to hijack forwarded X connections. Successfully exploiting this issue may allow an attacker run arbitrary shell commands with the privileges of the user running the affected application. This issue affects OpenSSH 4.3p2; other versions may...

6.9CVSS0.5AI score0.00346EPSS
Exploits1References15
OpenVAS
OpenVAS
added 2010/04/19 12:0 a.m.73 views

OpenSSH X Connections Session Hijacking Vulnerability

OpenSSH is prone to a vulnerability that allows attackers to hijack forwarded X connections. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

6.9CVSS6.3AI score0.00346EPSS
Exploits1References14
Tenable Nessus
Tenable Nessus
added 2009/04/23 12:0 a.m.36 views

Mandriva Linux Security Advisory : openssh (MDVSA-2008:078)

OpenSSH allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port. The updated packages have been patched to prevent this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

6.9CVSS7.3AI score0.00346EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/04/09 12:0 a.m.16 views

Mandriva Update for openssh MDVSA-2008:078 (openssh)

Check for the Version of openssh OpenVAS Vulnerability Test Mandriva Update for openssh MDVSA-2008:078 openssh Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

6.9CVSS0.00346EPSS
Exploits1References2
Prion
Prion
added 2008/03/24 11:44 p.m.29 views

Design/Logic Flaw

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

6.9CVSS6.1AI score0.00346EPSS
Exploits1References54Affected Software1
UbuntuCve
UbuntuCve
added 2008/03/24 11:44 p.m.43 views

CVE-2008-1483

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

6.9CVSS7.1AI score0.00346EPSS
Exploits1References2
NVD
NVD
added 2008/03/24 11:44 p.m.19 views

CVE-2008-1483

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

6.9CVSS5.3AI score0.00346EPSS
Exploits1References54
OSV
OSV
added 2008/03/24 11:44 p.m.5 views

CVE-2008-1483

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

6.9CVSS6AI score0.00346EPSS
Exploits1References54
Cvelist
Cvelist
added 2008/03/24 11:0 p.m.26 views

CVE-2008-1483

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

5.4AI score0.00346EPSS
Exploits1References54
Debian CVE
Debian CVE
added 2008/03/24 11:0 p.m.42 views

CVE-2008-1483

OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 IPv4 and sniffing a cookie sent by Emacs...

6.9CVSS6AI score0.00346EPSS
Exploits1
CVE
CVE
added 2008/03/24 11:0 p.m.259 views

CVE-2008-1483

OpenSSH vulnerability CVE-2008-1483 affects multiple IBM hardware management and OpenSSH-enabled products (e.g., IBM DSA Preboot, IMM2, CMM). The issue arises when sshd sets the DISPLAY environment for forwarded X11 connections, allowing a local authenticated user to hijack another user’s forward...

6.9CVSS5.8AI score0.00346EPSS
Exploits1References54Affected Software1
Rows per page
Query Builder