Openssh@1.2.3 Security Vulnerabilities and Issues — Openssh@1.2.3 CVE List

Lucene search

OpenbsdOpenssh1.2.3

17 matches found

CVE•added 2010/12/06 10:30 p.m.•13333 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a re...

7.5CVSS5.3AI score0.02108EPSS

CVE•added 2013/03/07 8:55 p.m.•4692 views

CVE-2010-5107

The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodically making many new TCP connections.

5CVSS4.8AI score0.03186EPSS

CVE•added 2012/04/05 2:55 p.m.•2787 views

CVE-2011-5000

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in whic...

3.5CVSS4.7AI score0.01114EPSS

CVE•added 2012/01/27 7:55 p.m.•2579 views

CVE-2012-0814

The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user accou...

3.5CVSS4.7AI score0.01271EPSS

CVE•added 2014/02/03 3:55 a.m.•2506 views

CVE-2011-4327

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2.1CVSS5.7AI score0.00104EPSS

CVE•added 2011/03/02 8:0 p.m.•1708 views

CVE-2010-4755

The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted gl...

4CVSS5AI score0.25067EPSS

CVE•added 2006/09/27 1:7 a.m.•1405 views

CVE-2006-4924

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

7.8CVSS7.7AI score0.46437EPSS

CVE•added 2008/07/22 4:41 p.m.•1092 views

CVE-2008-3259

OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.

1.2CVSS8.7AI score0.00028EPSS

CVE•added 2007/04/25 4:19 p.m.•736 views

CVE-2007-2243

OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483.

5CVSS9.4AI score0.01471EPSS

CVE•added 2003/04/02 5:0 a.m.•706 views

CVE-2002-0640

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

10CVSS9.8AI score0.52741EPSS

CVE•added 2006/09/27 11:7 p.m.•506 views

CVE-2006-5052

Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."

5CVSS7.7AI score0.1601EPSS

CVE•added 2008/09/18 3:4 p.m.•460 views

CVE-2008-4109

A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service (connection slo...

5CVSS7.8AI score0.02401EPSS

CVE•added 2001/09/18 4:0 a.m.•190 views

CVE-2001-0361

Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.

4CVSS9.2AI score0.01491EPSS

CVE•added 2008/08/04 10:0 a.m.•187 views

CVE-2003-1562

sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password st...

7.6CVSS6.7AI score0.14685EPSS

CVE•added 2001/05/07 4:0 a.m.•91 views

CVE-2001-0144

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

10CVSS7.4AI score0.63977EPSS

CVE•added 2000/10/13 4:0 a.m.•85 views

CVE-2000-0525

OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.

10CVSS9.4AI score0.009EPSS

CVE•added 2001/01/22 5:0 a.m.•58 views

CVE-2000-0992

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.

5CVSS6.5AI score0.02826EPSS