Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh 1.2.27 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2001-0144
CORE SDI SSH1 CRC-32 compensation attack detector allows remote malicious users to execute arbitrary commands on an SSH server or client via an integer overflow.
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.3
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Openbsd Openssh 2.2
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Ssh Ssh 1.2.29
Ssh Ssh 1.2.30
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
2 EDB exploits
7.8
CVSSv2
CVE-2006-4924
sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.6
Openbsd Openssh 3.6.1
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1
Openbsd Openssh 4.2
Openbsd Openssh 4.2p1
Openbsd Openssh 1.2
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
1 EDB exploit
7.6
CVSSv2
CVE-2003-1562
sshd in OpenSSH 3.6.1p2 and previous versions, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote malicious users to use timing differen...
Openbsd Openssh 2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 2.1.1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
Openbsd Openssh 2.2
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 1.5.7
Openbsd Openssh 1.2.3
Openbsd Openssh 3.5p1
Openbsd Openssh 2.3.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 2.1
7.5
CVSSv2
CVE-2010-4478
OpenSSH 5.6 and previous versions, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote malicious users to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values ...
Openbsd Openssh 5.4
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
8 Github repositories
7.5
CVSSv2
CVE-2001-0572
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote malicious user to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password gu...
Openbsd Openssh 4.5
Ssh Ssh 1.2.30
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
5.1
CVSSv2
CVE-2000-0217
The default configuration of SSH allows X forwarding, which could allow a remote malicious user to control a client's X sessions via a malicious xauth program.
Ssh Ssh 1.2.11
Ssh Ssh 1.2.12
Ssh Ssh 1.2.13
Ssh Ssh 1.2.14
Ssh Ssh 1.2.15
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.3
Ssh Ssh2 2.0.2
Ssh Ssh2 2.0.3
Ssh Ssh2 2.0.4
Ssh Ssh2 2.0.5
Ssh Ssh 1.2.2
Ssh Ssh 1.2.20
Ssh Ssh 1.2.21
Ssh Ssh 1.2.22
Ssh Ssh 1.2.7
Ssh Ssh 1.2.8
Ssh Ssh 1.2.9
Ssh Ssh2 2.0
Ssh Ssh 1.2.0
5
CVSSv2
CVE-2010-5107
The default configuration of OpenSSH up to and including 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote malicious users to cause a denial of service (connection-slot exhaustion) by periodically making...
Openbsd Openssh
Openbsd Openssh 5.7
Openbsd Openssh 5.1
Openbsd Openssh 4.2p1
Openbsd Openssh 4.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.4
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 2.1
Openbsd Openssh 2.9.9
Openbsd Openssh 1.5.7
Openbsd Openssh 1.5.8
Openbsd Openssh 1.2
Openbsd Openssh 5.2
Openbsd Openssh 5.3
2 Github repositories
5
CVSSv2
CVE-2008-4109
A certain Debian patch for OpenSSH prior to 4.3p2-9etch3 on etch; prior to 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote malicious users to cause a deni...
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0.2p1
Openbsd Openssh 2.5
Openbsd Openssh 1.3
Openbsd Openssh 1.5
Openbsd Openssh 3.1p1
Openbsd Openssh 3.0.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 2.5.2
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
5
CVSSv2
CVE-2007-2243
OpenSSH 4.6 and previous versions, when ChallengeResponseAuthentication is enabled, allows remote malicious users to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue t...
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.9.9
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.3p1
Openbsd Openssh 3.4
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.7
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.3p1
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
5
CVSSv2
CVE-2006-5052
Unspecified vulnerability in portable OpenSSH prior to 4.4, when running on some platforms, allows remote malicious users to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 2.5
Openbsd Openssh 2.5.1
Openbsd Openssh 3.0
Openbsd Openssh 3.0.1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.8
Openbsd Openssh 4.1p1
Openbsd Openssh 4.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »