Page 14 of 105 results (0.009 seconds)

CVSS: 4.6EPSS: 0%CPEs: 33EXPL: 0

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice. scp en OpenSSH 4.2p1 permite a atacantes ejecutar órdenes de su elección mediante nombres de ficheros que contienen metacaractéres o espacios, que son expandidos dos veces. • ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.8/common/005_ssh.patch ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc http://blogs.sun.com/security/entry/sun_alert_102961_security_vulnerability http://docs.info.apple.com/article.html?artnum=305214 http://itrc.hp.com/service/cki/docDisplay.do?docId=c00815112 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://secunia.com/advisories/18579 http://secunia.com/advisories/18595 http: •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt http://marc.info/?l=bugtraq&m=112605977304049&w=2 http://secunia.com/advisories/16686 http://secunia.com/advisories/18010 http://secunia.com/advisories/18661 http://secunia.com/advisories/19243 http://securitytracker.com/id?1014845 http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm http://www.mindrot.org/pipermai •

CVSS: 5.0EPSS: 1%CPEs: 32EXPL: 0

sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. • ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html http://secunia.com/advisories/16686 http://secunia.com/advisories/17077 http://secunia.com/advisories/17245 http://secunia.com/advisories/18010 http://secunia.com/advisories/18406 http://secunia.com/advisories/18507 http://secunia.com/advisories/18661 http://secunia.com/advisories/18717 http://securitytracker.com/id?1014845 http:&# •

CVSS: 1.2EPSS: 0%CPEs: 30EXPL: 0

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt http://nms.csail.mit.edu/projects/ssh http://secunia.com/advisories/19243 http://secunia.com/advisories/25098 http://www.eweek.com/article2/0%2C1759%2C1815795%2C00.asp http://www.redhat.com/support/errata/RHSA-2007-0257.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10201 https://access.redhat.com/security/cve/CVE-2005-2666 https://bugzilla.redhat.com/show&# • CWE-255: Credentials Management Errors •

CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0

sshd in OpenSSH 3.5p1, when PermitRootLogin is disabled, immediately closes the TCP connection after a root login attempt with the correct password, but leaves the connection open after an attempt with an incorrect password, which makes it easier for remote attackers to guess the password by observing the connection state, a different vulnerability than CVE-2003-0190. NOTE: it could be argued that in most environments, this does not cross privilege boundaries without requiring leverage of a separate vulnerability. • http://archive.cert.uni-stuttgart.de/bugtraq/2004/04/msg00162.html http://securityreason.com/securityalert/4100 http://www.securityfocus.com/archive/1/360198 • CWE-16: Configuration •