CVSS: 5.9EPSS: 67%CPEs: 79EXPL: 3CVE-2023-48795 – ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
https://notcve.org/view.php?id=CVE-2023-48795
18 Dec 2023 — The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phas... • https://packetstorm.news/files/id/176280 • CWE-222: Truncation of Security-relevant Information CWE-354: Improper Validation of Integrity Check Value •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 1CVE-2022-24302 – python-paramiko: Race condition in the write_private_key_file function
https://notcve.org/view.php?id=CVE-2022-24302
17 Mar 2022 — In Paramiko before 2.10.1, a race condition (between creation and chmod) in the write_private_key_file function could allow unauthorized information disclosure. En Paramiko versiones anteriores a 2.10.1, una condición de carrera (entre creation y chmod) en la función write_private_key_file podría permitir una divulgación de información no autorizada A race condition was found in Paramiko. This flaw allows unauthorized information disclosure from an attacker with access to the write_private_key_file. The ovi... • https://github.com/paramiko/paramiko/blob/363a28d94cada17f012c1604a3c99c71a2bda003/paramiko/pkey.py#L546 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 22%CPEs: 23EXPL: 5CVE-2018-7750 – Paramiko 2.4.1 - Authentication Bypass
https://notcve.org/view.php?id=CVE-2018-7750
13 Mar 2018 — transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. transport.py en la implementación del servidor SSH de Paramiko, en versiones anteriores a la 1.17.6; versiones 1.18.x ante... • https://packetstorm.news/files/id/150020 • CWE-287: Improper Authentication •
CVSS: 4.3EPSS: 1%CPEs: 1EXPL: 1CVE-2008-0299
https://notcve.org/view.php?id=CVE-2008-0299
16 Jan 2008 — common.py in Paramiko 1.7.1 and earlier, when using threads or forked processes, does not properly use RandomPool, which allows one session to obtain sensitive information from another session by predicting the state of the pool. common.py in Paramiko 1.7.1 y versiones anteriores, cuando se utilizan hilos o procesos bifurcados, no utiliza apropiadamente RandomPool, lo cual permite a una sesión obtener información confidencial de otra sesión prediciendo el estado de la pila de conexiones. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=460706 •