National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): openssh
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 106 matching records.
Displaying matches 101 through 106.
Vuln ID Summary CVSS Severity

Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.

Published: June 27, 2001; 12:00:00 AM -04:00
V2: 4.0 MEDIUM

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.

Published: June 19, 2001; 12:00:00 AM -04:00
V2: 7.5 HIGH

OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent.

Published: January 09, 2001; 12:00:00 AM -05:00
V2: 7.5 HIGH

OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken.

Published: June 12, 2000; 12:00:00 AM -04:00
V2: 5.0 MEDIUM

OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.

Published: June 08, 2000; 12:00:00 AM -04:00
V2: 10.0 HIGH

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.

Published: January 01, 1999; 12:00:00 AM -05:00
V2: 10.0 HIGH