Vulnerabilities (CVE)

Vendor filter

Ssh Subscribe

Product filter

Ssh Subscribe

Filter

23 total CVE
CVE Vendors Products Updated CVSS
CVE-2006-5484 1 Ssh 5 Tectia Client Server Connector, Tectia Server, Tectia Client and 2 more 2019-08-28 5.0
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5...
CVE-2007-5616 3 Ssh, Linux, Opengroup 4 Tectia Server, Tectia Client, Linux Kernel and 1 more 2018-10-26 7.2
ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors.
CVE-2001-0361 2 Ssh, Openbsd 2 Openssh, Ssh 2018-05-03 4.0
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on...
CVE-2000-0992 2 Ssh, Openbsd 2 Openssh, Ssh 2018-05-03 5.0
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
CVE-1999-1231 1 Ssh 1 Ssh2 2017-12-19 5.0
ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on...
CVE-2001-0553 1 Ssh 1 Secure Shell 2017-10-10 7.2
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.
CVE-2001-0364 1 Ssh 1 Ssh2 2017-10-10 5.0
SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections.
CVE-2000-0575 1 Ssh 1 Ssh 2017-10-10 7.2
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is...
CVE-1999-1159 1 Ssh 1 Ssh2 2017-10-10 4.6
SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root.
CVE-2007-2063 1 Ssh 1 Tectia Server 2017-07-29 4.4
SSH Tectia Server for IBM z/OS before 5.4.0 uses insecure world-writable permissions for (1) the server pid file, which allows local users to cause arbitrary processes to be stopped, or (2) when _BPX_BATCH_UMASK is missing from the environment,...
CVE-2006-4316 1 Ssh 1 Tectia Manager 2017-07-20 7.2
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent...
CVE-2006-4315 1 Ssh 4 Tectia Manager, Tectia Server, Tectia Client and 1 more 2017-07-20 7.2
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain...
CVE-2002-1715 1 Ssh 2 Ssh, Ssh2 2017-07-11 7.2
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
CVE-2002-1644 1 Ssh 1 Ssh2 2017-07-11 7.2
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain...
CVE-2001-1474 1 Ssh 1 Ssh 2017-07-11 5.0
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
CVE-2001-1470 1 Ssh 1 Ssh 2017-07-11 5.0
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the...
CVE-2001-1469 1 Ssh 1 Ssh 2017-07-11 5.0
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
CVE-1999-1085 1 Ssh 1 Secure Shell 2016-10-18 5.0
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known...
CVE-2000-0217 2 Ssh, Openbsd 3 Openssh, Ssh, Ssh2 2008-09-10 5.1
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-2000-0143 2 Ssh, Openbsd 2 Openssh, Ssh 2008-09-10 4.6
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.