OpenSSH version 3.4p1 remote root exploit for FreeBSD.
784ac2c808aee05f8e7a89a108734acf1284cde95b4a09f41ebde5b82c0728afThe PKCS#11 feature in ssh-agent in OpenSSH versions prior to 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system.
e93ab81da334d2b2c5f8f662d87f396041e5e366d8b286e3907b5cb137de0e8eOpenSSH versions prior to 7.7 suffer from a user enumeration vulnerability.
4859577142cc1049d3959af66839a236a04781ada4ed91ed9ebe565b43f98029OpenSSH versions 2.3 up to 7.4 suffer from a username enumeration vulnerability.
5b89ae3c3cfc697123f753a66e100e36a1f19ae7a11ab2e0b7081e0e195522afThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
a323caeeddfe145baaa0db16e98d784b1fbc7dd436a6bf1f479dfd5cd1d21723This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
9846e3c5fab9f0547400b4d2c017992f914222b3fd1f8eee6c7dc6bc5e59f9f0OpenSSH versions 6.8 and 6.9 suffer from a PTY privilege escalation vulnerability.
28567aff6803667664070680eb10edf5f2456dc7d56a05903e4edda14e08b17bThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
1b1fc4a14e2024293181924ed24872e6f2e06293f3e8926a376b8aec481f19d1OpenSSH versions 7.2 and below crypt CPU consumption denial of service exploit.
85813c4a45e54ff563c3ade3e42af0997614ba11790f829f24352c73b552928dHP Security Bulletin HPSBGN03638 1 - Potential vulnerabilities have been identified in the lighttpd and OpenSSH version used in HPE Remote Device Access: Virtual Customer Access System (vCAS). These vulnerabilities could be exploited remotely resulting in unauthorized modification of information, denial of service (DoS), and disclosure of information. Revision 1 of this advisory.
52dde48bf7e6534ed145537c197f29c8bff97d184184ef9e9c43b600d40a7d73This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
efc912a2ef7e938fa36df6787cd9d21b45463cd4f9d70764e9e61a961786691bOpenSSH versions 7.2p1 and below suffer from a command injection and /bin/false bypass vulnerability via xauth.
21d775c0fcb1c084c005d795ca4e1b1a4ba34f84303ab3202fc620f0852d90eeThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
a72781d1a043876a224ff1b0032daa4094d87565a68528759c1c2cab5482548cThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
973cc37b2f3597e4cf599b09e604e79c0fe5d9b6f595a24e91ed0662860b4ac3This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
dd75f024dcf21e06a0d6421d582690bf987a1f6323e32ad6619392f3bfde6bbdThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
fc0a6d2d1d063d5c66dffd952493d0cda256cad204f681de0f84ef85b2ad8428OpenSSH versions 6.9p1 and below suffer from PAM related authentication bypass and use-after-free vulnerabilities.
0b9cdda83d2bd4462b9476721a79b253f4d0d5a4f1b85d7710195b4178d9abf5This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
fd5932493a19f4c81153d812ee4e042b49bbd3b759ab3d9344abecc2bc1485e5OpenSSH versions 6.8 and below suffer from an issue where malicious servers, if a client connected to them using ssh -X, could connect to the SSH client's X server without being subject to X11 SECURITY restrictions.
b93cb274db294b1b58ca10d241e66406513c14742a39c0415077a90eff4dcd5bThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
6e074df538f357d440be6cf93dc581a21f22d39e236f217fcd8eacbb6c896cfeThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
3ff64ce73ee124480b5bf767b9830d7d3c03bbcb6abe716b78f0192c37ce160eOpenSSH versions 6.6 and below SFTP misconfiguration proof of concept remote code execution exploit for 64bit Linux.
94272d8ced9dbe8075c4b22942d9d32d7a89ad393250389e055c4460ca6053ebThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
3246aa79317b1d23cae783a3bf8275d6This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
48c1f0664b4534875038004cc4f3555b8329c2a81c1df48db5c517800de203bbThis is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
a1195ed55db945252d5a1730d4a2a2a5c1c9a6aa01ef2e5af750a962623d9027A memory corruption vulnerability exists in the post- authentication sshd process when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is selected during kex exchange. If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations. OpenSSH versions 6.2 and 6.3 are affected when built against an OpenSSL that supports AES-GCM.
5a14ae6163dbd1bc2080d2d9e5abbece4f4a06fb6c639b17aeb2e9819c2b20d2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed