Page 15 of 81 results (0.010 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used. • http://www.openwall.com/Owl/CHANGES-stable.shtml http://www.osvdb.org/5408 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 2

OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-010.txt.asc http://archives.neohapsis.com/archives/bugtraq/2001-05/0322.html http://archives.neohapsis.com/archives/bugtraq/2001-06/0007.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000431 http://download.immunix.org/ImmunixOS/7.0/updates/IMNX-2001-70-034-01 http://online.securityfocus.com/archive/1/188737 http://www.calderasystems.com/support/security/advisories/CSSA-2001-023.0.txt http://www.k •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:24.ssh.asc http://marc.info/?l=bugtraq&m=98158450021686&w=2 http://www.ciac.org/ciac/bulletins/l-047.shtml http://www.debian.org/security/2001/dsa-023 http://www.debian.org/security/2001/dsa-027 http://www.debian.org/security/2001/dsa-086 http://www.novell.com/linux/security/advisories/adv004_ssh.html http://www.osvdb.org/2116 http://www.securityfocus.com/bid/2344 https://exchange.xforce& • CWE-310: Cryptographic Issues •

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. • http://marc.info/?l=bugtraq&m=99324968918628&w=2 http://www.kb.cert.org/vuls/id/797027 http://www.securityfocus.com/bid/2917 https://exchange.xforce.ibmcloud.com/vulnerabilities/6757 •

CVSS: 10.0EPSS: 12%CPEs: 13EXPL: 3

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. • https://www.exploit-db.com/exploits/349 https://www.exploit-db.com/exploits/20617 http://marc.info/?l=bugtraq&m=98168366406903&w=2 http://razor.bindview.com/publish/advisories/adv_ssh1crc.html http://www.cert.org/advisories/CA-2001-35.html http://www.osvdb.org/503 http://www.osvdb.org/795 http://www.securityfocus.com/bid/2347 https://exchange.xforce.ibmcloud.com/vulnerabilities/6083 •