Vulnerabilities (CVE)

Vendor filter

Openbsd Subscribe

Product filter

Openssh Subscribe

Filter

12 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-20685 7 Openbsd, Netapp, Winscp and 4 more 11 Openssh, Cloud Backup, Element Software and 8 more 2019-10-03 2.6
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.
CVE-2006-5229 1 Openbsd 1 Openssh 2018-10-17 2.6
OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid...
CVE-2008-5161 2 Ssh, Openbsd 5 Openssh, Tectia Connectsecure, Tectia Server and 2 more 2018-10-11 2.6
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4;...
CVE-2016-10011 1 Openbsd 1 Openssh 2018-09-11 2.1
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
CVE-2015-6563 2 Apple, Openbsd 2 Openssh, Mac Os X 2018-09-11 1.9
The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in...
CVE-2005-2666 1 Openbsd 1 Openssh 2017-10-11 1.2
SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to...
CVE-2001-1029 2 Openbsd, Freebsd 2 Openssh, Freebsd 2017-10-10 2.1
libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabilities for reading the copyright and welcome files, which allows local users to bypass the capabilities checks and read arbitrary files by...
CVE-2012-0814 1 Openbsd 1 Openssh 2017-08-29 3.5
The auth_parse_options function in auth-options.c in sshd in OpenSSH before 5.7 provides debug messages containing authorized_keys command options, which allows remote authenticated users to obtain potentially sensitive information by reading...
CVE-2008-3259 1 Openbsd 1 Openssh 2017-08-08 1.2
OpenSSH before 5.1 sets the SO_REUSEADDR socket option when the X11UseLocalhost configuration setting is disabled, which allows local users on some platforms to hijack the X11 forwarding port via a bind to a single IP address, as demonstrated on...
CVE-1999-1010 1 Openbsd 1 Openssh 2016-10-18 2.1
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
CVE-2011-4327 1 Openbsd 1 Openssh 2014-02-21 2.1
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
CVE-2011-5000 1 Openbsd 1 Openssh 2012-07-22 3.5
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain...