Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh 3.7.1p2 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2004-2069
sshd.c in OpenSSH 3.6.1p2 and 3.7.1p2 and possibly other versions, when using privilege separation, does not properly signal the non-privileged process when a session has been terminated after exceeding the LoginGraceTime setting, which leaves the connection open and allows remot...
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.7.1p2
1.2
CVSSv2
CVE-2005-2666
SSH, as implemented in OpenSSH prior to 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional ta...
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 3.7
Openbsd Openssh 3.5p1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.3
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.4p1
Openbsd Openssh 3.6.1p1
4.6
CVSSv2
CVE-2006-0225
scp in OpenSSH 4.2p1 allows malicious users to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.4
Openbsd Openssh 3.4p1
Openbsd Openssh 3.7
Openbsd Openssh 3.7.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.0p1
Openbsd Openssh 4.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.3
Openbsd Openssh 3.3p1
Openbsd Openssh 3.6.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
5
CVSSv2
CVE-2005-2798
sshd in OpenSSH prior to 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1
Openbsd Openssh 3.0
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.6
Openbsd Openssh 3.6.1
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.4
Openbsd Openssh 3.4p1
Openbsd Openssh 3.7
Openbsd Openssh 3.7.1
5
CVSSv2
CVE-2006-5052
Unspecified vulnerability in portable OpenSSH prior to 4.4, when running on some platforms, allows remote malicious users to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 2.5
Openbsd Openssh 2.5.1
Openbsd Openssh 3.0
Openbsd Openssh 3.0.1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.8
Openbsd Openssh 4.1p1
Openbsd Openssh 4.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
7.8
CVSSv2
CVE-2006-4924
sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Openbsd Openssh 1.2.1
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.6
Openbsd Openssh 3.6.1
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1
Openbsd Openssh 4.2
Openbsd Openssh 4.2p1
Openbsd Openssh 1.2
Openbsd Openssh 2.3
Openbsd Openssh 2.5
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
1 EDB exploit
3.5
CVSSv2
CVE-2011-5000
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and previous versions, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may...
Openbsd Openssh 5.5
Openbsd Openssh 5.4
Openbsd Openssh 4.6
Openbsd Openssh 4.5
Openbsd Openssh 4.0
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 1.2.3
Openbsd Openssh 1.2.1
Openbsd Openssh
Openbsd Openssh 5.1
Openbsd Openssh 5.0
Openbsd Openssh 4.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 4.4
5
CVSSv2
CVE-2007-2243
OpenSSH 4.6 and previous versions, when ChallengeResponseAuthentication is enabled, allows remote malicious users to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue t...
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.9.9
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.3p1
Openbsd Openssh 3.4
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.7
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.3p1
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
1.2
CVSSv2
CVE-2008-3259
OpenSSH prior to 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
Openbsd Openssh 1.2.3
Openbsd Openssh 1.3
Openbsd Openssh 2.3.1
Openbsd Openssh 2.5
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.0
Openbsd Openssh 4.0p1
Openbsd Openssh 4.4
Openbsd Openssh 4.4p1
Openbsd Openssh 1.5
Openbsd Openssh 1.5.7
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
1 Github repository
5
CVSSv2
CVE-2008-4109
A certain Debian patch for OpenSSH prior to 4.3p2-9etch3 on etch; prior to 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote malicious users to cause a deni...
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0.2p1
Openbsd Openssh 2.5
Openbsd Openssh 1.3
Openbsd Openssh 1.5
Openbsd Openssh 3.1p1
Openbsd Openssh 3.0.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 2.5.2
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »