Page 6 of 48 results (0.008 seconds)

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

Buffer overflow in Dropbear server before 0.47 allows authenticated users to execute arbitrary code via unspecified inputs that cause insufficient memory to be allocated due to an incorrect expression that does not enforce the proper order of operations. • http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2005q4/000312.html http://matt.ucc.asn.au/dropbear/dropbear.html http://secunia.com/advisories/18108 http://secunia.com/advisories/18109 http://secunia.com/advisories/18142 http://www.debian.org/security/2005/dsa-923 http://www.gentoo.org/security/en/glsa/glsa-200512-13.xml http://www.securityfocus.com/bid/15923 http://www.vupen.com/english/advisories/2005/2962 •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

The DSS verification code in Dropbear SSH Server before 0.43 frees uninitialized variables, which might allow remote attackers to gain access. • http://matt.ucc.asn.au/dropbear/CHANGES http://secunia.com/advisories/12153 http://secunia.com/advisories/28935 http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7a.shtml http://www.osvdb.org/8137 http://www.securityfocus.com/bid/10803 http://www.vupen.com/english/advisories/2008/0543 https://exchange.xforce.ibmcloud.com/vulnerabilities/16810 https://exchange.xforce.ibmcloud.com/vulnerabilities/40490 •

CVSS: 7.2EPSS: 0%CPEs: 52EXPL: 2

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. • https://www.exploit-db.com/exploits/21398 http://online.securityfocus.com/archive/1/268446 http://www.securityfocus.com/bid/4547 https://exchange.xforce.ibmcloud.com/vulnerabilities/8908 •

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 1

The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. • http://archives.neohapsis.com/archives/bugtraq/2001-03/0225.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000391 http://www.kb.cert.org/vuls/id/596827 http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-033.php3 http://www.redhat.com/support/errata/RHSA-2001-033.html •

CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0

Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:24.ssh.asc http://marc.info/?l=bugtraq&m=98158450021686&w=2 http://www.ciac.org/ciac/bulletins/l-047.shtml http://www.debian.org/security/2001/dsa-023 http://www.debian.org/security/2001/dsa-027 http://www.debian.org/security/2001/dsa-086 http://www.novell.com/linux/security/advisories/adv004_ssh.html http://www.osvdb.org/2116 http://www.securityfocus.com/bid/2344 https://exchange.xforce& • CWE-310: Cryptographic Issues •