Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openssh vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1483
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emac...
Openbsd Openssh 4.3p2
NA
CVE-2003-0386
OpenSSH 3.6.1 and previous versions, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote malicious users to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose r...
Openbsd Openssh 3.6.1
NA
CVE-1999-1010
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Openbsd Openssh 1.2.27
1 Github repository
NA
CVE-2006-5229
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote malicious users to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as d...
Openbsd Openssh 4.1
1 EDB exploit
NA
CVE-2006-4925
packet.c in ssh in OpenSSH allows remote malicious users to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
Openbsd Openssh 4.5
NA
CVE-2005-2797
OpenSSH 4.0, and other versions prior to 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
Openbsd Openssh 4.0
NA
CVE-2008-3234
sshd in OpenSSH 4 on Debian GNU/Linux, and the 20070303 OpenSSH snapshot, allows remote authenticated users to obtain access to arbitrary SELinux roles by appending a :/ (colon slash) sequence, followed by the role name, to the username.
Openbsd Openssh 4.0
1 EDB exploit
7.5
CVSSv3
CVE-2016-6515
The auth_password function in auth-passwd.c in sshd in OpenSSH prior to 7.3 does not limit password lengths for password authentication, which allows remote malicious users to cause a denial of service (crypt CPU consumption) via a long string.
Openbsd Openssh
Fedoraproject Fedora 24
1 EDB exploit
3 Github repositories
NA
CVE-2001-1029
libutil in OpenSSH on FreeBSD 4.4 and previous versions does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by specifying alternate copyright or...
Openbsd Openssh 4.5
Freebsd Freebsd
1 EDB exploit
NA
CVE-2002-0765
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
Openbsd Openssh 3.2.2
Openbsd Openbsd 3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »