Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh 3.8.1p1 vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2006-5051
Signal handler race condition in OpenSSH prior to 4.4 allows remote malicious users to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
Openbsd Openssh
Debian Debian Linux 3.1
Apple Mac Os X
Apple Mac Os X Server
NA
CVE-2011-4327
ssh-keysign.c in ssh-keysign in OpenSSH prior to 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
Openbsd Openssh 5.4
Openbsd Openssh 5.3
Openbsd Openssh 5.2
Openbsd Openssh 5.1
Openbsd Openssh 4.1p1
Openbsd Openssh 4.1
Openbsd Openssh 4.0p1
Openbsd Openssh 4.0
Openbsd Openssh 3.6.1
Openbsd Openssh 3.6
Openbsd Openssh 3.5p1
Openbsd Openssh 3.5
Openbsd Openssh 3.0.1p1
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0
Openbsd Openssh 2.9p2
Openbsd Openssh 1.5.8
Openbsd Openssh 1.5.7
Openbsd Openssh 1.5
Openbsd Openssh 1.3
Openbsd Openssh 4.6
Openbsd Openssh 4.5
NA
CVE-2010-5107
The default configuration of OpenSSH up to and including 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote malicious users to cause a denial of service (connection-slot exhaustion) by periodically making...
Openbsd Openssh
Openbsd Openssh 5.7
Openbsd Openssh 5.1
Openbsd Openssh 4.2p1
Openbsd Openssh 4.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.4
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 2.1
Openbsd Openssh 2.9.9
Openbsd Openssh 1.5.7
Openbsd Openssh 1.5.8
Openbsd Openssh 1.2
Openbsd Openssh 5.2
Openbsd Openssh 5.3
2 Github repositories
NA
CVE-2011-5000
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and previous versions, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may...
Openbsd Openssh 5.5
Openbsd Openssh 5.4
Openbsd Openssh 4.6
Openbsd Openssh 4.5
Openbsd Openssh 4.0
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0p1
Openbsd Openssh 3.0.2
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh 1.2.3
Openbsd Openssh 1.2.1
Openbsd Openssh
Openbsd Openssh 5.1
Openbsd Openssh 5.0
Openbsd Openssh 4.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 4.4
NA
CVE-2012-0814
The auth_parse_options function in auth-options.c in sshd in OpenSSH prior to 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading these messages, as demonstrated by ...
Openbsd Openssh 5.4
Openbsd Openssh 2
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
1 Github repository
NA
CVE-2010-4755
The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5.8 and previous versions, as used in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, OpenBSD 4.7, and other products, allow remote authenticated users to cause a denial of service (CPU and memor...
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 1.3
Openbsd Openssh 1.5
Openbsd Openssh 2.9.9p2
Openbsd Openssh 2.9p1
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.0.1
Openbsd Openssh 3.4
Openbsd Openssh 3.4p1
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 4.0
Openbsd Openssh 4.0p1
Openbsd Openssh 4.1
Openbsd Openssh 4.9
Openbsd Openssh
Openbsd Openssh 5.7
Openbsd Openssh 5.6
Openbsd Openssh 1.2.1
NA
CVE-2010-4478
OpenSSH 5.6 and previous versions, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote malicious users to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values ...
Openbsd Openssh 5.4
Openbsd Openssh 3.8
Openbsd Openssh 3.8.1p1
Openbsd Openssh 4.3p2
Openbsd Openssh 3.2.2
Openbsd Openssh 3.1
Openbsd Openssh 5.5
Openbsd Openssh 3.0.2p1
Openbsd Openssh 1.5.8
Openbsd Openssh 5.3
Openbsd Openssh 4.1
Openbsd Openssh 3.8.1
Openbsd Openssh 2.1.1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.8
Openbsd Openssh 4.9
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.1p1
Openbsd Openssh 2.5.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.9
8 Github repositories
NA
CVE-2008-4109
A certain Debian patch for OpenSSH prior to 4.3p2-9etch3 on etch; prior to 4.6p1-1 on sid and lenny; and on other distributions such as SUSE uses functions that are not async-signal-safe in the signal handler for login timeouts, which allows remote malicious users to cause a deni...
Openbsd Openssh 3.8.1p1
Openbsd Openssh 3.9
Openbsd Openssh 3.0.2p1
Openbsd Openssh 2.5
Openbsd Openssh 1.3
Openbsd Openssh 1.5
Openbsd Openssh 3.1p1
Openbsd Openssh 3.0.1
Openbsd Openssh 2.9.9p2
Openbsd Openssh 2.5.2
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.5p1
Openbsd Openssh 3.6
Openbsd Openssh 3.2.2
Openbsd Openssh 3.2.2p1
Openbsd Openssh
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.2
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
NA
CVE-2008-3259
OpenSSH prior to 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on the HP-UX platform.
Openbsd Openssh 1.2.3
Openbsd Openssh 1.3
Openbsd Openssh 2.3.1
Openbsd Openssh 2.5
Openbsd Openssh 2.9p2
Openbsd Openssh 3.0
Openbsd Openssh 3.1p1
Openbsd Openssh 3.2
Openbsd Openssh 3.5
Openbsd Openssh 3.5p1
Openbsd Openssh 3.7.1p1
Openbsd Openssh 3.7.1p2
Openbsd Openssh 4.0
Openbsd Openssh 4.0p1
Openbsd Openssh 4.4
Openbsd Openssh 4.4p1
Openbsd Openssh 1.5
Openbsd Openssh 1.5.7
Openbsd Openssh 2.5.1
Openbsd Openssh 2.5.2
Openbsd Openssh 3.0.1
Openbsd Openssh 3.0.1p1
1 Github repository
NA
CVE-2007-2243
OpenSSH 4.6 and previous versions, when ChallengeResponseAuthentication is enabled, allows remote malicious users to determine the existence of user accounts by attempting to authenticate via S/KEY, which displays a different response if the user account exists, a similar issue t...
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Openbsd Openssh 2.9.9
Openbsd Openssh 2.9.9p2
Openbsd Openssh 3.0p1
Openbsd Openssh 3.1
Openbsd Openssh 3.3p1
Openbsd Openssh 3.4
Openbsd Openssh 3.6.1p2
Openbsd Openssh 3.7
Openbsd Openssh 3.9.1
Openbsd Openssh 3.9.1p1
Openbsd Openssh 4.3
Openbsd Openssh 4.3p1
Openbsd Openssh 1.2.27
Openbsd Openssh 1.2.3
Openbsd Openssh 2.5.2
Openbsd Openssh 2.9
Openbsd Openssh 3.0.2
Openbsd Openssh 3.0.2p1
Openbsd Openssh 3.2.3p1
Openbsd Openssh 3.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »