Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh 3.7.1 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0787
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows malicious users to modify the stack and possibly gain privileges.
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.7.1
NA
CVE-2003-0786
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote malicious users to gain privileges.
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.7.1
NA
CVE-2005-2666
SSH, as implemented in OpenSSH prior to 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional ta...
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 3.7
Openbsd Openssh 3.5p1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.3
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.4p1
Openbsd Openssh 3.6.1p1
NA
CVE-2006-0225
scp in OpenSSH 4.2p1 allows malicious users to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 3.7
Openbsd Openssh 4.0p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.3
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.4p1
NA
CVE-2005-2798
sshd in OpenSSH prior to 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 3.7
Openbsd Openssh 4.0p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.3
Openbsd Openssh 3.2.2p1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.4p1
NA
CVE-2011-5000
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and previous versions, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may...
Openbsd Openssh 5.4
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
Openbsd Openssh 3.2
NA
CVE-2006-4924
sshd in OpenSSH prior to 4.4, when using the version 1 SSH protocol, allows remote malicious users to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
Openbsd Openssh 2.2
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 1.2.3
Openbsd Openssh 3.7
Openbsd Openssh 4.0p1
1 EDB exploit
NA
CVE-2006-5052
Unspecified vulnerability in portable OpenSSH prior to 4.4, when running on some platforms, allows remote malicious users to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
Openbsd Openssh 2.2
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 1.2.3
Openbsd Openssh 3.7
Openbsd Openssh 4.0p1
NA
CVE-2007-2243
OpenSSH 4.6 and previous versions, when ChallengeResponseAuthentication is enabled, allows remote malicious users to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue t...
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
Openbsd Openssh 2.2
Openbsd Openssh 3.2
Openbsd Openssh 3.6
Openbsd Openssh 1.2.3
NA
CVE-2008-3259
OpenSSH prior to 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
Openbsd Openssh 3.0
Openbsd Openssh 1.2.1
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »