Show filters
309 Total Results
Displaying 141-150 of 309
Sort by:
Attacker Value
Unknown
CVE-2016-6210
Disclosure Date: February 13, 2017 (last updated November 26, 2024)
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large password is provided.
0
Attacker Value
Unknown
CVE-2016-10011
Disclosure Date: January 05, 2017 (last updated November 25, 2024)
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
0
Attacker Value
Unknown
CVE-2016-10012
Disclosure Date: January 05, 2017 (last updated November 08, 2023)
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to the m_zback and m_zlib data structures.
0
Attacker Value
Unknown
CVE-2016-10010
Disclosure Date: January 05, 2017 (last updated November 25, 2024)
sshd in OpenSSH before 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related to serverloop.c.
0
Attacker Value
Unknown
CVE-2016-10009
Disclosure Date: January 05, 2017 (last updated November 25, 2024)
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
0
Attacker Value
Unknown
CVE-2016-8858
Disclosure Date: December 09, 2016 (last updated November 08, 2023)
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."
0
Attacker Value
Unknown
CVE-2016-6515
Disclosure Date: August 07, 2016 (last updated November 08, 2023)
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
0
Attacker Value
Unknown
CVE-2016-4422
Disclosure Date: May 06, 2016 (last updated November 25, 2024)
The pam_sm_authenticate function in pam_sshauth.c in libpam-sshauth might allow context-dependent attackers to bypass authentication or gain privileges via a system user account.
0
Attacker Value
Unknown
CVE-2015-8325
Disclosure Date: May 01, 2016 (last updated November 25, 2024)
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as demonstrated by an LD_PRELOAD environment variable.
0
Attacker Value
Unknown
CVE-2016-0787
Disclosure Date: April 13, 2016 (last updated November 25, 2024)
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."
0