Download
| Alert*
|
oval:org.secpod.oval:def:70560
openssh: secure shell for secure access to remote machines OpenSSH could be made to crash or run programs if it received specially crafted network traffic. oval:org.secpod.oval:def:120400 SSH is a program for logging into and executing commands on a remote machine. SSH is intended to replace rlogin and rsh, and to provide secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the sec ... oval:org.secpod.oval:def:1801875 A double-free memory corruption, introduced in OpenSSH 8.2, that could be reached by an attacker with access to the agent socket. Exploitable by a user forwarding an agent either to an account shared with a malicious user or to a host with an attacker holding root access. oval:org.secpod.oval:def:74698 The host is installed with OpenSSH before 8.5 and is prone to a double-free memory corruption vulnerability. A flaw is present in application, which fails to handle issues in ssh-agent. Successful exploitation could leads to unconstrained agent-socket access on a legacy operating system, or the forw ... oval:org.secpod.oval:def:2106587 Oracle Solaris 11 - ( CVE-2021-28041 ) oval:org.secpod.oval:def:89047228 This update for openssh fixes the following issues: - CVE-2021-28041: Fixed double free in ssh-agent . oval:org.secpod.oval:def:705927 openssh: secure shell for secure access to remote machines OpenSSH could be made to crash or run programs if it received specially crafted network traffic. |
