Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ssh vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2001-1476
SSH prior to 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote malicious users to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on wh...
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.30
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
668
VMScore
CVE-2001-0572
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote malicious user to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password gu...
Openbsd Openssh 4.5
Ssh Ssh 1.2.30
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
365
VMScore
CVE-2001-0259
ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local malicious users to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.
Ssh Ssh 1.2.28
Ssh Ssh 1.2.29
Ssh Ssh 1.2.27
Ssh Ssh 1.2.30
1 EDB exploit
1000
VMScore
CVE-2001-0144
CORE SDI SSH1 CRC-32 compensation attack detector allows remote malicious users to execute arbitrary commands on an SSH server or client via an integer overflow.
Openbsd Openssh 1.2.2
Openbsd Openssh 1.2.3
Ssh Ssh 1.2.27
Ssh Ssh 1.2.28
Openbsd Openssh 2.2
Ssh Ssh 1.2.24
Ssh Ssh 1.2.31
Openbsd Openssh 2.1
Openbsd Openssh 2.1.1
Ssh Ssh 1.2.29
Ssh Ssh 1.2.30
Ssh Ssh 1.2.25
Ssh Ssh 1.2.26
2 EDB exploits
940
VMScore
CVE-2012-5975
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 up to and including 6.0.20, 6.1.0 up to and including 6.1.12, 6.2.0 up to and including 6.2.5, and 6.3.0 up to and including 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remot...
Ssh Tectia Server 6.0.13
Ssh Tectia Server 6.0.12
Ssh Tectia Server 6.0.11
Ssh Tectia Server 6.0.7
Ssh Tectia Server 6.1.3
Ssh Tectia Server 6.1.2
Ssh Tectia Server 6.1.0
Ssh Tectia Server 6.1.6
Ssh Tectia Server 6.1.1
Ssh Tectia Server 6.0.18
Ssh Tectia Server 6.0.14
Ssh Tectia Server 6.0.6
Ssh Tectia Server 6.0.9
Ssh Tectia Server 6.1.7
Ssh Tectia Server 6.1.4
Ssh Tectia Server 6.2.4
Ssh Tectia Server 6.2.2
Ssh Tectia Server 6.3.0
Ssh Tectia Server 6.0.4
Ssh Tectia Server 6.0.5
Ssh Tectia Server 6.0.20.
Ssh Tectia Server 6.1.12
2 EDB exploits
641
VMScore
CVE-2002-1644
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 up to and including 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows malicious users to gain certain privileges.
Ssh Ssh2 2.4
Ssh Ssh2 2.5
Ssh Ssh2 3.1.4
Ssh Ssh2 3.2
Ssh Ssh2 3.0
Ssh Ssh2 3.0.1
Ssh Ssh2 3.2.1
Ssh Ssh2 2.2
Ssh Ssh2 2.3
Ssh Ssh2 3.1.2
Ssh Ssh2 3.1.3
Ssh Ssh2 2.0.13
Ssh Ssh2 2.1
Ssh Ssh2 3.1
Ssh Ssh2 3.1.1
445
VMScore
CVE-1999-1231
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote malicious users to determine user account names on the server.
Ssh Ssh2 2.0.10
Ssh Ssh2 2.0.11
Ssh Ssh2 2.0.7
Ssh Ssh2 2.0.8
Ssh Ssh2 2.0.12
Ssh Ssh2 2.0.2
Ssh Ssh2 2.0.9
Ssh Ssh2 2.0.3
Ssh Ssh2 2.0.4
Ssh Ssh2 2.0
Ssh Ssh2 2.0.1
Ssh Ssh2 2.0.5
Ssh Ssh2 2.0.6
668
VMScore
CVE-1999-1029
SSH server (sshd2) prior to 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote malicious user to guess the password without showing up in the audit logs.
Ssh Ssh2 2.0.5
Ssh Ssh2 2.0.6
Ssh Ssh2 2.0.3
Ssh Ssh2 2.0.4
Ssh Ssh2 2.0.11
Ssh Ssh2 2.0.2
Ssh Ssh2 2.0.9
Ssh Ssh2 2.0
Ssh Ssh2 2.0.1
Ssh Ssh2 2.0.10
Ssh Ssh2 2.0.7
Ssh Ssh2 2.0.8
232
VMScore
CVE-2008-5161
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 up to and including 4.4.11, 5.0 up to and including 5.2.4, and 5.3 up to and including 5.3.8; Client and Server and ConnectSecure 6.0 up to and including 6.0.4; Server for Linux on IBM System...
Openbsd Openssh 4.7p1
Ssh Tectia Client 4.0
Ssh Tectia Client 4.0.1
Ssh Tectia Client 4.3.1
Ssh Tectia Client 4.3.1j
Ssh Tectia Client 4.3.2
Ssh Tectia Client 4.3.8k
Ssh Tectia Client 4.3.9k
Ssh Tectia Client 4.4.7
Ssh Tectia Client 4.4.8
Ssh Tectia Server 4.3
Ssh Tectia Server 4.3.1
Ssh Tectia Server 4.4.2
Ssh Tectia Server 4.4.4
Ssh Tectia Server 4.4.10
Ssh Tectia Server 4.4.11
Ssh Tectia Connector 4.3.5
Ssh Tectia Connector 4.4.0
Ssh Tectia Connector 5.0.0
Ssh Tectia Connector 5.0.1
Ssh Tectia Client 4.0.5
Ssh Tectia Client 4.2
4 Github repositories
641
VMScore
CVE-2006-4315
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server prior to 4.4.5, and Manager 2.12 and previous versions, when running on Windows, might allow local users to gain privileges via a malici...
Ssh Tectia Client 4.0.4
Ssh Tectia Client 4.0.5
Ssh Tectia Client 4.2
Ssh Tectia Client 4.3.4
Ssh Tectia Client 4.3.5
Ssh Tectia Client 4.4.3
Ssh Tectia Client 4.4.4
Ssh Tectia Manager 2.1.2
Ssh Tectia Server 4.0
Ssh Tectia Server 4.3.2
Ssh Tectia Server 4.3.3
Ssh Tectia Server 4.4.3
Ssh Tectia Server 4.4.4
Ssh Tectia Client 4.0
Ssh Tectia Client 4.3.1
Ssh Tectia Client 4.3.1j
Ssh Tectia Client 4.3.8k
Ssh Tectia Client 4.4
Ssh Tectia Client 5.0.1
Ssh Tectia Connector 5.0
Ssh Tectia Server 4.0.5
Ssh Tectia Server 4.2.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »