CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2007-1099
https://notcve.org/view.php?id=CVE-2007-1099
26 Feb 2007 — dbclient in Dropbear SSH client before 0.49 does not sufficiently warn the user when it detects a hostkey mismatch, which might allow remote attackers to conduct man-in-the-middle attacks. dbclient en el cliente SSH Dropbear en versiones anteriores a la 0.49 no previene/avisa suficientemente a los usuarios cuando detecta una discrepancia en el hostkey, lo que puede permite a usuarios remotos realizar ataques "hombre en el medio" (man-in-the-middle). • http://matt.ucc.asn.au/dropbear/CHANGES •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-0844
https://notcve.org/view.php?id=CVE-2007-0844
08 Feb 2007 — The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when the allow_blank_passphrase option is disabled, allows remote attackers to bypass authentication restrictions and use private encryption keys requiring a blank passphrase by entering a non-blank passphrase. La función auth_via_key en pam_ssh.c de pam_ssh before 1.92, cuando la opción allow_blank_passphrase está deshabilitada, permite a atacantes remotos evitar restricciones de autenticación y utilizar claves de cifrado privadas requiriendo u... • http://osvdb.org/33119 •
CVSS: 7.5EPSS: 2%CPEs: 4EXPL: 0CVE-2006-5484
https://notcve.org/view.php?id=CVE-2006-5484
24 Oct 2006 — SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339. SSH Tectia Client/Server/Connector 5.1.0 y anteriores, Manager 2.2.0 y anteriores, y otros productos, ... • http://secunia.com/advisories/22350 •
CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2006-4315
https://notcve.org/view.php?id=CVE-2006-4315
23 Aug 2006 — Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories. Vulnerabilidad de ruta no confiable en la búsqueda no literal de Windows en múltiples productos SSH de Tectia, incluyendo el Client/Server/Connector 5.0.0 y 5.0.1 y Client/Server ant... • http://securitytracker.com/id?1016743 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2006-4316
https://notcve.org/view.php?id=CVE-2006-4316
23 Aug 2006 — SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges. El agente de administración de SSH Tectia (SSH Tectia Management Agent 2.1.2) permite a usuarios locales obtener privilegios de root ejecutando un programa con nombre sshd, lo que se co... • http://secunia.com/advisories/21559 •
CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 1CVE-2006-1206 – Dropbear / OpenSSH Server - 'MAX_UNAUTH_CLIENTS' Denial of Service
https://notcve.org/view.php?id=CVE-2006-1206
14 Mar 2006 — Matt Johnston Dropbear SSH server 0.47 and earlier, as used in embedded Linux devices and on general-purpose operating systems, allows remote attackers to cause a denial of service (connection slot exhaustion) via a large number of connection attempts that exceeds the MAX_UNAUTH_CLIENTS defined value of 30. • https://www.exploit-db.com/exploits/1572 •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2005-4310
https://notcve.org/view.php?id=CVE-2005-4310
17 Dec 2005 — SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials. • http://secunia.com/advisories/18001 •
CVSS: 8.8EPSS: 2%CPEs: 3EXPL: 0CVE-2005-4178
https://notcve.org/view.php?id=CVE-2005-4178
12 Dec 2005 — Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations. • http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2146
https://notcve.org/view.php?id=CVE-2005-2146
05 Jul 2005 — SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server. • http://secunia.com/advisories/15894 •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2004-2486
https://notcve.org/view.php?id=CVE-2004-2486
31 Dec 2004 — The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access. • http://matt.ucc.asn.au/dropbear/CHANGES •