CVSS: 5.9EPSS: 67%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 5.9EPSS: 2%CPEs: 3EXPL: 0CVE-2019-11840 – golang.org/x/crypto: Keystream loop in amd64 assembly when overflowing 32-bit counter
https://notcve.org/view.php?id=CVE-2019-11840
09 May 2019 — An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. A flaw was found in the amd64 implementation of the golang.org/x/crypto/salsa20 and golang.org/x/crypto/salsa20/salsa packages. If more than 256 GiB of keystream is generated, or if the counter otherwise grows greater than 32 bits, the amd64 implementation will first generate incorrect output, and then cycle back to previously generated keystream. Repeated keystream bytes can... • https://bugzilla.redhat.com/show_bug.cgi?id=1691529 • CWE-330: Use of Insufficiently Random Values •
CVSS: 8.1EPSS: 2%CPEs: 1EXPL: 0CVE-2017-3204
https://notcve.org/view.php?id=CVE-2017-3204
04 Apr 2017 — The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism. La librería Go SSH (x/crypto/ssh) por defecto no verifica las claves del host, facilitando ataques man-in-the-middle. El comportamiento predeterminado cambió en commit e4e2799 para requerir el registro explícito de un mecanismo de verificación de hostkey. • http://www.securityfocus.com/bid/97481 • CWE-310: Cryptographic Issues •
CVSS: 7.8EPSS: 2%CPEs: 12EXPL: 0CVE-2011-0766
https://notcve.org/view.php?id=CVE-2011-0766
31 May 2011 — The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys. El generador de números aleatorios de la aplicación Crypto en versiones anteriores a la 2.0.2.2, y SSH anteriores a 2.0.5, como es usado en la librería Erlang/OTP ssh en versiones anteriores a la R14B03, utiliza semillas predecibles b... • http://secunia.com/advisories/44709 • CWE-310: Cryptographic Issues •