Lucene search

K
OpenbsdOpenssh

5 matches found

CVE
CVE
added 2014/02/03 3:55 a.m.2502 views

CVE-2011-4327

ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.

2.1CVSS5.7AI score0.0011EPSS
CVE
CVE
added 2008/11/19 5:30 p.m.725 views

CVE-2008-5161

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; ...

2.6CVSS6.2AI score0.03067EPSS
CVE
CVE
added 2006/10/10 11:7 p.m.64 views

CVE-2006-5229

OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. N...

2.6CVSS6.6AI score0.37831EPSS
CVE
CVE
added 2000/04/25 4:0 a.m.55 views

CVE-1999-1010

An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.

2.1CVSS6.8AI score0.00244EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.53 views

CVE-2001-1029

libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or welcome files.

2.1CVSS6.5AI score0.00196EPSS