Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh 2 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2003-0693
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH prior to 3.7 may allow remote malicious users to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.
Openbsd Openssh
5
CVSSv2
CVE-2018-15473
OpenSSH up to and including 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
Openbsd Openssh
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Workstation 6.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Netapp Cn1610 Firmware -
Netapp Cloud Backup -
Netapp Data Ontap Edge -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Netapp Clustered Data Ontap -
Netapp Service Processor -
Netapp Data Ontap -
Netapp Fas Baseboard Management Controller -
Netapp Aff Baseboard Management Controller -
2 EDB exploits
70 Github repositories
1 Article
7.5
CVSSv2
CVE-2003-0682
"Memory bugs" in OpenSSH 3.7.1 and previous versions, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.
Openbsd Openssh
7.5
CVSSv2
CVE-2003-0695
Multiple "buffer management errors" in OpenSSH prior to 3.7.1 may allow malicious users to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerabi...
Openbsd Openssh
5.8
CVSSv2
CVE-2019-6111
An issue exists in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal attacks are...
Openbsd Openssh
Winscp Winscp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Fedoraproject Fedora 30
Apache Mina Sshd 2.2.0
2 EDB exploits
3 Github repositories
1 Article
4
CVSSv2
CVE-2019-6109
An issue exists in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being transfer...
Openbsd Openssh
Winscp Winscp
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Netapp Element Software -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Fedoraproject Fedora 30
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
1 Github repository
1 Article
2.6
CVSSv2
CVE-2018-20685
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
Openbsd Openssh
Winscp Winscp
Netapp Cloud Backup -
Netapp Element Software -
Netapp Storage Automation Store -
Netapp Ontap Select Deploy -
Netapp Steelstore Cloud Integrated Storage -
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 18.10
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.1
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux Server Aus 8.4
1 Github repository
1 Article
NA
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH prior to 9.6 and other products, allows remote malicious users to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may conseque...
Openbsd Openssh
Putty Putty
Filezilla-project Filezilla Client
Microsoft Powershell
Panic Transmit 5
Panic Nova
Roumenpetrov Pkixssh
Winscp Winscp
Bitvise Ssh Client
Bitvise Ssh Server
Lancom-systems Lcos
Lancom-systems Lcos Fx -
Lancom-systems Lcos Lx -
Lancom-systems Lcos Sx 5.20
Lancom-systems Lcos Sx 4.20
Lancom-systems Lanconfig -
Vandyke Securecrt
Libssh Libssh
Net-ssh Net-ssh 7.2.0
Ssh2 Project Ssh2
Proftpd Proftpd
Freebsd Freebsd
8 Github repositories
1 Article
2.6
CVSSv2
CVE-2008-5161
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 up to and including 4.4.11, 5.0 up to and including 5.2.4, and 5.3 up to and including 5.3.8; Client and Server and ConnectSecure 6.0 up to and including 6.0.4; Server for Linux on IBM System...
Openbsd Openssh 4.7p1
Ssh Tectia Client 4.0
Ssh Tectia Client 4.0.1
Ssh Tectia Client 4.3.1
Ssh Tectia Client 4.3.1j
Ssh Tectia Client 4.3.2
Ssh Tectia Client 4.3.8k
Ssh Tectia Client 4.3.9k
Ssh Tectia Client 4.4.7
Ssh Tectia Client 4.4.8
Ssh Tectia Server 4.3
Ssh Tectia Server 4.3.1
Ssh Tectia Server 4.4.2
Ssh Tectia Server 4.4.4
Ssh Tectia Server 4.4.10
Ssh Tectia Server 4.4.11
Ssh Tectia Connector 4.3.5
Ssh Tectia Connector 4.4.0
Ssh Tectia Connector 5.0.0
Ssh Tectia Connector 5.0.1
Ssh Tectia Client 4.0.5
Ssh Tectia Client 4.2
4 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3