
CVE-2008-1483 – openssh may set DISPLAY even if it's unable to listen on respective port
https://notcve.org/view.php?id=CVE-2008-1483
24 Mar 2008 — OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc • CWE-264: Permissions, Privileges, and Access Controls

CVE-2007-3102 – audit logging of failed logins
https://notcve.org/view.php?id=CVE-2007-3102
18 Oct 2007 — Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information. • http://osvdb.org/39214

CVE-2007-4752 – openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails
https://notcve.org/view.php?id=CVE-2007-4752
12 Sep 2007 — ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. • http://bugs.gentoo.org/show_bug.cgi?id=191321 • CWE-20: Improper Input Validation

CVE-2007-4654
https://notcve.org/view.php?id=CVE-2007-4654
04 Sep 2007 — Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote attackers to cause a denial of service (connection slot exhaustion and device crash) via a series of large packets designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144), possibly a related issue to CVE-2002-1024. • http://osvdb.org/45873 • CWE-399: Resource Management Errors

CVE-2007-2243
https://notcve.org/view.php?id=CVE-2007-2243
25 Apr 2007 — OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483. • http://lists.grok.org.uk/pipermail/full-disclosure/2007-April/053906.html • CWE-287: Improper Authentication

CVE-2006-5794 – OpenSSH privilege separation flaw
https://notcve.org/view.php?id=CVE-2006-5794
08 Nov 2006 — Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist. • ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc

CVE-2006-5229 – Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
https://notcve.org/view.php?id=CVE-2006-5229
10 Oct 2006 — OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds. • https://packetstorm.news/files/id/181223 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2006-5051 – unsafe GSSAPI signal handler
https://notcve.org/view.php?id=CVE-2006-5051
27 Sep 2006 — Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. • https://github.com/bigb0x/CVE-2024-6387 • CWE-415: Double Free

CVE-2006-5052 – Kerberos information leak
https://notcve.org/view.php?id=CVE-2006-5052
27 Sep 2006 — Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." • http://docs.info.apple.com/article.html?artnum=305214

CVE-2006-4924 – OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-4924
27 Sep 2006 — sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. • https://www.exploit-db.com/exploits/2444 • CWE-399: Resource Management Errors