Download
| Alert*
oval:org.secpod.oval:def:96507
openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:96807 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:89051542 This update for openssh fixes the following issues: * CVE-2023-51385: Fixed a command injection via user name or host name metacharacters . * Remember the state of sshd service during update / removal, to allow cut- over to a different openssh package. bsc#1220110 oval:org.secpod.oval:def:96548 The host is installed with OpenSSH before 9.6 and is prone to an OS command injection vulnerability. A flaw is present in the application, which fails to handle username or hostname having shell metacharacters. Successful exploitation could lead to deletion of consecutive messages oval:org.secpod.oval:def:509124 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: ssh: Prefix truncation attack on Binary Packet Protocol openssh: potential command injection via ... oval:org.secpod.oval:def:97781 [CLSA-2023:1703785140] openssh: Fix of CVE-2023-51385 oval:org.secpod.oval:def:1507374 [8.7p1-34.3] - Fix Terrapin attack Resolves: RHEL-19764 - Forbid shell metasymbols in username/hostname Resolves: RHEL-19822 oval:org.secpod.oval:def:89051534 This update for openssh fixes the following issues: * CVE-2023-51385: Fixed command injection via user name or host name metacharacters . oval:org.secpod.oval:def:127033 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:708678 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:89051532 This update for openssh fixes the following issues: * CVE-2023-51385: Limit the use of shell metacharacters in host- and user names to avoid command injection oval:org.secpod.oval:def:19500652 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host ... oval:org.secpod.oval:def:509034 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix: ssh: Prefix truncation attack on Binary Packet Protocol openssh: potential command injection via ... oval:org.secpod.oval:def:98313 The host is installed with Apple Mac OS 14 before 14.4 and is prone to multiple vulnerabilities. The flaws are present in the application, which fails to properly handle issues in unspecified vectors. On successful exploitation, multiple issues in openssh. oval:org.secpod.oval:def:2108453 Oracle Solaris 11 - ( CVE-2023-38408 ) oval:org.secpod.oval:def:2501316 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. oval:org.secpod.oval:def:2600519 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. oval:org.secpod.oval:def:1702223 In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host ... oval:org.secpod.oval:def:1507329 [8.0p1-19.0.1.2] - Update patches for CVE-2023-51385, CVE-2023-48795 [Orabug: 36256632] [8.0p1-19.2] - Forbid shell metasymbols in username/hostname Resolves: CVE-2023-51385 - Fix Terrapin attack Resolves: CVE-2023-48795 oval:org.secpod.oval:def:96508 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:96808 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:98308 The host is missing a security update according to Apple advisory. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to handle multiple issues in various components. Successful exploitation allow attackers to execute arbitrary, cause denial ... oval:org.secpod.oval:def:126991 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:96939 Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUse ... oval:org.secpod.oval:def:98536 The host is missing a patch containing security fixes, which affects the following package(s):openssh.base.server and openssh.base.client oval:org.secpod.oval:def:612879 Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite. CVE-2021-41617 It was discovered that sshd failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUse ... |