CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2024-41909 – Apache MINA SSHD: integrity check bypass
https://notcve.org/view.php?id=CVE-2024-41909
12 Aug 2024 — Like many other SSH implementations, Apache MINA SSHD suffered from the issue that is more widely known as CVE-2023-48795. An attacker that can intercept traffic between client and server could drop certain packets from the stream, potentially causing client and server to consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack The mitigations to prevent this type of attack were implemented in Apache MINA SSHD 2.12.0, both client and serv... • https://github.com/apache/mina-sshd/issues/445 • CWE-354: Improper Validation of Integrity Check Value •
CVSS: 9.8EPSS: 66%CPEs: 79EXPL: 4CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35887 – Apache MINA SSHD: Information disclosure bugs with RootedFilesystem
https://notcve.org/view.php?id=CVE-2023-35887
10 Jul 2023 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Software Foundation Apache MINA. In SFTP servers implemented using Apache MINA SSHD that use a RootedFileSystem, logged users may be able to discover "exists/does not exist" information about items outside the rooted tree via paths including parent navigation ("..") beyond the root, or involving symlinks. This issue affects Apache MINA: from 1.0 before 2.10. Users are recommended to upgrade to 2.10 A flaw was found in Apache ... • https://lists.apache.org/thread/b9qgtqvhnvgfpn0w1gz918p21p53tqk2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 1CVE-2022-45047 – Apache MINA SSHD: Java unsafe deserialization vulnerability
https://notcve.org/view.php?id=CVE-2022-45047
16 Nov 2022 — Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server. La clase org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider en Apache MINA SSHD anteriore a la versión 2.9.1 usa la deserialización de Java para cargar una java.security.PrivateKey ... • https://github.com/hktalent/CVE-2022-45047 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.5EPSS: 0%CPEs: 13EXPL: 0CVE-2021-30129 – DoS/OOM leak vulnerability in Apache Mina SSHD Server
https://notcve.org/view.php?id=CVE-2021-30129
12 Jul 2021 — A vulnerability in sshd-core of Apache Mina SSHD allows an attacker to overflow the server causing an OutOfMemory error. This issue affects the SFTP and port forwarding features of Apache Mina SSHD version 2.0.0 and later versions. It was addressed in Apache Mina SSHD 2.7.0 Una vulnerabilidad en sshd-core de Apache Mina SSHD, permite a un atacante desbordar el servidor causando un error de tipo OutOfMemory. Este problema afecta a las funcionalidades SFTP y port forwarding de Apache Mina SSHD versión 2.0.0 y... • http://www.openwall.com/lists/oss-security/2021/07/12/1 • CWE-400: Uncontrolled Resource Consumption CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 5.9EPSS: 57%CPEs: 55EXPL: 6CVE-2019-6111 – OpenSSH SCP Client - Write Arbitrary Files
https://notcve.org/view.php?id=CVE-2019-6111
16 Jan 2019 — An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious scp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the scp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well... • https://packetstorm.news/files/id/151227 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •