12 matches found
CVE-2008-5161
CVE-2008-5161 is an SSH CBC-mode CBC vulnerability where error handling in CBC-based ciphers could allow remote attackers to recover plaintext from arbitrary SSH ciphertext blocks. The vulnerability affects multiple SSH implementations including OpenSSH 4.7p1 and various SSH clients/servers (as l...
CVE-2012-5975
CVE-2012-5975 affects SSH Tectia Server on UNIX/Linux: versions 6.0.4–6.0.20, 6.1.0–6.1.12, 6.2.0–6.2.5, and 6.3.0–6.3.2 are vulnerable when old-style password authentication is enabled. A crafted session can bypass authentication by exploiting SSH2_USERAUTH_CHANGE REQUEST via a blank password, d...
CVE-2006-5484
CVE-2006-5484 describes a cryptographic flaw in SSH Tectia Client/Server/Connector (5.1.0 and earlier) and Manager (2.2.0 and earlier), where using an RSA key with exponent 3 causes PKCS#1 padding to be removed before hash generation. This enables remote attackers to forge a PKCS#1 v1.5 signature...
CVE-2007-2063
SSH Tectia Server for IBM z/OS is affected up to version 5.3.x; prior releases, before 5.4.0, use insecure world-writable permissions for (1) the server pid file, enabling local users to stop arbitrary processes, and (2) when _BPX_BATCH_UMASK is missing, HFS files with insecure permissions, allow...
CVE-2007-5616
CVE-2007-5616 affects SSH Tectia Client and Server 5.x before 5.2.4 and 5.3.x before 5.3.6 on Unix/Linux. A local user can escalate privileges via the ssh-signer component, with root access reported as the impact. The vulnerability is mitigated by upgrading to SSH Tectia client/server 5.2.4 or 5....
CVE-2003-1120
The CVE-2003-1120 entry concerns SSH Tectia Server 4.0.3 and 4.0.4 on Unix where the password-change plugin (ssh-passwd-plugin) is enabled. The vulnerability is a race condition that allows local users to obtain the server’s private key. The connected documents confirm the affected product and th...
CVE-2021-27891
CVE-2021-27891 affects SSH Tectia Client and Server prior to 6.4.19 on Windows and ConnectSecure on Windows, due to weak key generation. Affected components: SSH Tectia Client/Server on Windows. Root cause: weak key generation in the cryptographic setup. Impact per NVD CVSS: CVSS v3.1 base score ...
CVE-2005-4310
Affected product : SSH Tectia Server
CVE-2005-2146
The CVE concerns SSH Tectia Server (Windows) 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, which generate the host key with insecure permissions. This allows a local user to read the private host key and spoof the server, enabling impersonation. Evidence from multiple sources confi...
CVE-2021-27893
CVE-2021-27893 : SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions; ConnectSecure on Windows is affected. The provided documents do not disclose root cause details, vulnerable components, specific product versions beyond the 6.4.19 th...
CVE-2006-4315
CVE-2006-4315 describes an unquoted Windows search path vulnerability in multiple SSH Tectia products. Affects: SSH Tectia Client/Server/Connector 5.0.0 and 5.0.1, and Client/Server prior to 4.4.5; Manager 2.12 and earlier. Root cause: unquoted paths under Windows in the application startup chain...
CVE-2021-27892
CVE-2021-27892 affects SSH Tectia Client and Server on Windows (before 6.4.19) and ConnectSecure on Windows. The issue is a local privilege escalation. CVSS details in the initial data show CVSS‑v3.1 base score 7.8 (LOCAL, Privileges Required: LOW, User Interaction: NONE; Confidentiality/Integrit...