Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openbsd openssh vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2005-2797
OpenSSH 4.0, and other versions prior to 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
Openbsd Openssh 4.0
6.5
CVSSv2
CVE-2008-3234
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Openbsd Openssh 4.0
1 EDB exploit
6.9
CVSSv2
CVE-2008-1483
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emac...
Openbsd Openssh 4.3p2
4.3
CVSSv2
CVE-2007-3102
Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote malicious users to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained f...
Openbsd Openssh 4.3p2
7.5
CVSSv2
CVE-2000-1169
OpenSSH SSH client prior to 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.
Openbsd Openssh 2.2
4.3
CVSSv2
CVE-2020-14145
The client side in OpenSSH 5.7 up to and including 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle malicious users to target initial connection attempts (where no host key for the server has been cached ...
Openbsd Openssh 8.4
Openbsd Openssh
Openbsd Openssh 8.5
Openbsd Openssh 8.6
Netapp Aff A700s Firmware -
Netapp Steelstore Cloud Integrated Storage -
Netapp Ontap Select Deploy Administration Utility -
Netapp Active Iq Unified Manager
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Compute Node -
1 Github repository
7.8
CVSSv2
CVE-2016-6515
The auth_password function in auth-passwd.c in sshd in OpenSSH prior to 7.3 does not limit password lengths for password authentication, which allows remote malicious users to cause a denial of service (crypt CPU consumption) via a long string.
Openbsd Openssh
Fedoraproject Fedora 24
1 EDB exploit
3 Github repositories
2.1
CVSSv2
CVE-2001-1029
libutil in OpenSSH on FreeBSD 4.4 and previous versions does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or...
Openbsd Openssh 4.5
Freebsd Freebsd
1 EDB exploit
5
CVSSv2
CVE-2006-0883
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote malicious users to cause a denial of service (client connection refusal) by connecting multiple times to the SSH ...
Openbsd Openssh 3.8.1p1
Freebsd Freebsd 5.3
Freebsd Freebsd 5.4
5
CVSSv2
CVE-2007-4654
Unspecified vulnerability in SSHield 1.6.1 with OpenSSH 3.0.2p1 on Cisco WebNS 8.20.0.1 on Cisco Content Services Switch (CSS) series 11000 devices allows remote malicious users to cause a denial of service (connection slot exhaustion and device crash) via a series of large packe...
Cisco Webns 8.20.0.1
Openbsd Openssh 3.0.2p1
Teamf1 Sshield 1.6.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »