Download
| Alert*
|
oval:org.secpod.oval:def:1500925
The OpenSSH server, as used in Fedora and Red Hat Enterprise Linux 7 and when running in a Kerberos environment, allows remote authenticated users to log in as another user when they are listed in the .k5users file of that user, which might bypass intended authentication requirements that would forc ... oval:org.secpod.oval:def:204194 OpenSSH is OpenBSD"s SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip th ... oval:org.secpod.oval:def:30042 The host is installed with OpenSSH 6.6 and earlier and is prone to a security bypass vulnerability. A flaw is present in key_certify function which, fails to properly handle an unacceptable HostCertificate. Successful exploitation allows remote servers to trigger the skipping of SSHFP DNS RR checkin ... oval:org.secpod.oval:def:701631 openssh: secure shell for secure access to remote machines A malicious server could bypass OpenSSH SSHFP DNS record checking. oval:org.secpod.oval:def:501529 OpenSSH is OpenBSD"s SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip th ... oval:org.secpod.oval:def:1500748 Updated openssh packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System base scores, which give detailed ... oval:org.secpod.oval:def:1600060 sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character.The verify_host_key function in sshconnect.c in the client in OpenSSH 6 ... oval:org.secpod.oval:def:204298 OpenSSH is OpenBSD"s SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip th ... oval:org.secpod.oval:def:501419 OpenSSH is OpenBSD"s SSH protocol implementation. These packages include the core files necessary for both the OpenSSH client and server. It was discovered that OpenSSH clients did not correctly verify DNS SSHFP records. A malicious server could use this flaw to force a connecting client to skip th ... oval:org.secpod.oval:def:107086 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:107001 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:21283 The host is missing a patch containing a security fixes, which affects the following package(s):openssh.base.server |
