Max CVSS | 7.8 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2019-6111 | 5.8 |
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned
|
24-03-2023 - 18:12 | 31-01-2019 - 18:29 | |
CVE-2018-15473 | 5.0 |
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-
|
23-02-2023 - 23:13 | 17-08-2018 - 19:29 | |
CVE-2016-6515 | 7.8 |
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
|
13-12-2022 - 12:15 | 07-08-2016 - 21:59 | |
CVE-2016-6210 | 4.3 |
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference be
|
13-12-2022 - 12:15 | 13-02-2017 - 17:59 | |
CVE-2015-8325 | 7.2 |
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted
|
13-12-2022 - 12:15 | 01-05-2016 - 01:59 | |
CVE-2015-6564 | 6.9 |
Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MON
|
13-12-2022 - 12:15 | 24-08-2015 - 01:59 | |
CVE-2017-15906 | 5.0 |
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
|
13-12-2022 - 12:15 | 26-10-2017 - 03:29 | |
CVE-2016-1908 | 7.5 |
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding
|
13-12-2022 - 12:15 | 11-04-2017 - 18:59 | |
CVE-2016-0778 | 4.6 |
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows r
|
13-12-2022 - 12:15 | 14-01-2016 - 22:59 | |
CVE-2012-5536 | 6.2 |
A certain Red Hat build of the pam_ssh_agent_auth module on Red Hat Enterprise Linux (RHEL) 6 and Fedora Rawhide calls the glibc error function instead of the error function in the OpenSSH codebase, which allows local users to obtain sensitive inform
|
22-04-2019 - 17:48 | 22-02-2013 - 00:55 | |
CVE-2016-3115 | 5.5 |
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_
|
11-09-2018 - 10:29 | 22-03-2016 - 10:59 | |
CVE-2010-5107 | 5.0 |
The default configuration of OpenSSH through 6.1 enforces a fixed time limit between establishing a TCP connection and completing a login, which makes it easier for remote attackers to cause a denial of service (connection-slot exhaustion) by periodi
|
19-09-2017 - 01:31 | 07-03-2013 - 20:55 | |
CVE-2014-9278 | 4.0 |
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass in
|
08-09-2017 - 01:29 | 06-12-2014 - 15:59 | |
CVE-2014-2653 | 5.8 |
The verify_host_key function in sshconnect.c in the client in OpenSSH 6.6 and earlier allows remote servers to trigger the skipping of SSHFP DNS RR checking by presenting an unacceptable HostCertificate.
|
07-01-2017 - 02:59 | 27-03-2014 - 10:55 | |
CVE-2011-5000 | 3.5 |
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length fi
|
22-07-2012 - 03:33 | 05-04-2012 - 14:55 |