Download
| Alert*
|
oval:org.secpod.oval:def:39718
The host is missing a security update according to Apple advisory, APPLE-SA-2017-03-27-3. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... oval:org.secpod.oval:def:89002187 This update for openssh fixes the following issues: Security issues fixed: - CVE-2016-10012: Fix pre-auth compression checks that could be optimized away . - CVE-2016-10708: Fix remote denial of service via an out-of-sequence NEWKEYSmessage . - CVE-2017-15906: Fix r/o sftp-server zero byte file cre ... oval:org.secpod.oval:def:43676 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:111858 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:39656 The host is installed with Apple Mac OS X or Server 10.12.3 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly consider the effects of realloc on buffer contents. Successful exploitation could allow local users to obtain sensitive p ... oval:org.secpod.oval:def:703960 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:97658 [CLSA-2022:1658171011] Fixed CVE-2016-10012 in openssh oval:org.secpod.oval:def:97702 [CLSA-2022:1671481339] openssh: Fix of 2 CVEs oval:org.secpod.oval:def:52197 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:89044728 This update for openssh fixes several issues. These security issues were fixed: - CVE-2016-8858: The kex_input_kexinit function in kex.c allowed remote attackers to cause a denial of service by sending many duplicate KEXINIT requests . - CVE-2016-10012: The shared memory manager did not ensure tha ... oval:org.secpod.oval:def:502089 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. The following packages have been upgraded to a later upstream version: openssh . Security Fix: * A covert timin ... oval:org.secpod.oval:def:97655 [CLSA-2022:1657561632] Fixed CVEs in openssh-5.3p1: CVE-2016-10708, CVE-2016-10012 oval:org.secpod.oval:def:1600784 A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticated attacker could possibly use this flaw to determine valid user names by measuring the timing of server responses. It was found that OpenSSH did not limit password lengths f ... oval:org.secpod.oval:def:204642 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. The following packages have been upgraded to a later upstream version: openssh . Security Fix: * A covert timin ... oval:org.secpod.oval:def:1800880 CVE-2016-10009: loading of untrusted PKCS#11 modules in ssh-agent. Ssh-agent could load PKCS#11 modules from paths outside of a trusted whitelist. An attacker able to load a crafted PKCS#11 module across a forwarded agent channel could potentially use this flaw to execute arbitrary code on the syste ... oval:org.secpod.oval:def:51978 openssh: secure shell for secure access to remote machines Several security issues were fixed in OpenSSH. oval:org.secpod.oval:def:39947 The host is missing a patch containing security fixes, which affects the following package(s):openssh.base.server and openssh.base.client oval:org.secpod.oval:def:2100919 The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to th ... oval:org.secpod.oval:def:1501987 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:38609 The host is installed with OpenSSH before 7.4 and is prone to a privilege escalation vulnerability. A flaw is present in sshd, which fails to ensure that a bounds check is enforced by all compilers. Successful exploitation could allow local users to gain privileges by leveraging access to a sandboxe ... |
