CVSS: 7.5EPSS: 0%CPEs: 78EXPL: 0CVE-2012-0814 – Gentoo Linux Security Advisory 201405-06
https://notcve.org/view.php?id=CVE-2012-0814
27 Jan 2012 — The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by the shared user account required by Gitolite. NOTE: this can cross privilege boundaries because a user account may intentionally have no shell or filesystem access, and therefore may have no supported way to read an authorized_keys fi... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657445 • CWE-255: Credentials Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 84EXPL: 3CVE-2010-4755 – Gentoo Linux Security Advisory 201405-06
https://notcve.org/view.php?id=CVE-2010-4755
02 Mar 2011 — The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and earlier, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in SSH_FXP_STAT requests to an sftp daemon, a different vulnerability than CVE-2010-2632. La (1) función remote_glob en sftp-glob... • http://cvsweb.netbsd.org/cgi-bin/cvsweb.cgi/src/crypto/dist/ssh/Attic/sftp-glob.c#rev1.13.12.1 • CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 0%CPEs: 78EXPL: 1CVE-2010-4478 – Gentoo Linux Security Advisory 201405-06
https://notcve.org/view.php?id=CVE-2010-4478
06 Dec 2010 — OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-2010-4252. OpenSSH v5.6 y versiones anteriores, si J-PAKE está activo, no valida apropiadamente los parámetros públicos en el protocolo J-PAKE, lo que permite a atacantes remotos evitar la neces... • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 • CWE-287: Improper Authentication •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2009-2904 – openssh: possible privilege escalation when using ChrootDirectory setting
https://notcve.org/view.php?id=CVE-2009-2904
01 Oct 2009 — A certain Red Hat modification to the ChrootDirectory feature in OpenSSH 4.8, as used in sshd in OpenSSH 4.3 in Red Hat Enterprise Linux (RHEL) 5.4 and Fedora 11, allows local users to gain privileges via hard links to setuid programs that use configuration files within the chroot directory, related to requirements for directory ownership. Ciertas modificaciones Ret Hat en ChrootDirectory feature en OpenSSH v4.8, como el usado en sshd en OpenSSH v4.3 en Red Hat Enterprise Linux (RHEL) v5.4 y Fedora v11, per... • http://lists.fedoraproject.org/pipermail/package-announce/2010-March/038214.html • CWE-16: Configuration •
CVSS: 10.0EPSS: 2%CPEs: 167EXPL: 0CVE-2008-5161 – SSH Version Scanner
https://notcve.org/view.php?id=CVE-2008-5161
19 Nov 2008 — Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote a... • http://isc.sans.org/diary.html?storyid=5366 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 1%CPEs: 133EXPL: 1CVE-2008-4109 – Ubuntu Security Notice 649-1
https://notcve.org/view.php?id=CVE-2008-4109
16 Sep 2008 — A certain Debian patch for OpenSSH before 4.3p2-9etch3 on etch; before 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote attackers to cause a denial of service (connection slot exhaustion) via multiple login attempts. NOTE: this issue exists because of an incorrect fix for CVE-2006-5051. Cierto parche de Debian para OpenSSH en versiones anteriores a 4.3p2-9etch3 en etch, y versiones an... • https://github.com/bigb0x/CVE-2024-6387 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 1.2EPSS: 0%CPEs: 71EXPL: 0CVE-2008-3259
https://notcve.org/view.php?id=CVE-2008-3259
22 Jul 2008 — OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform. OpenSSH anterior a 5.1 activa la opción del socket SO_REUSEADDR cuando la configuración X11UseLocalhost está desactivada, lo que permite a usuarios locales en determinadas plataformas, secuestrar el puerto de reenvío X11 a través de una única dir... • http://openssh.com/security.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2008-1657 – Gentoo Linux Security Advisory 200804-3
https://notcve.org/view.php?id=CVE-2008-1657
02 Apr 2008 — OpenSSH 4.4 up to versions before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file. OpenSSH versión 4.4 anterior a 4.9, permite a los usuarios autenticados remotos omitir la directiva ForceCommand de sshd_config mediante la modificación del archivo de sesión .ssh/rc. It was discovered that the ForceCommand directive could be bypassed. If a local user created a malicious ~/.ssh/rc file, they could execute arbitrary commands as their ... • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-005.txt.asc • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 2%CPEs: 13EXPL: 0CVE-2007-4752 – openssh falls back to the trusted x11 cookie if generation of an untrusted cookie fails
https://notcve.org/view.php?id=CVE-2007-4752
12 Sep 2007 — ssh in OpenSSH before 4.7 does not properly handle when an untrusted cookie cannot be created and uses a trusted X11 cookie instead, which allows attackers to violate intended policy and gain privileges by causing an X client to be treated as trusted. ssh en OpenSSH anterior a 4.7 no maneja adecuadamente cuando una cookie no confiable no puede ser creada y utiliza una cookie X11 confiable en su lugar, lo cual permite a los atacantes violar políticas establecidas y obtener privilegios provocando que un clien... • http://bugs.gentoo.org/show_bug.cgi?id=191321 • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 62EXPL: 1CVE-2007-2243 – OpenSSH s/key Weakness
https://notcve.org/view.php?id=CVE-2007-2243
21 Apr 2007 — OpenSSH 4.6 and earlier, when ChallengeResponseAuthentication is enabled, allows remote attackers to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue to CVE-2001-1483. OpenSSH 4.6 y anteriores, cuando ChallengeResponseAuthentication está habilitado, permite a atacantes remotos determinar la existencia de cuentas de usuario intentando autenticarse mediante S/KEY, lo cual muestra una respuesta dife... • https://packetstorm.news/files/id/73600 • CWE-287: Improper Authentication •