Openbsd

Openssh

138 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.81%
  • Veröffentlicht 31.01.2019 18:29:00
  • Zuletzt bearbeitet 28.05.2026 19:16:34

An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes t...

Exploit
  • EPSS 20.91%
  • Veröffentlicht 31.01.2019 18:29:00
  • Zuletzt bearbeitet 18.12.2025 15:15:47

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transfe...

Exploit
  • EPSS 58.2%
  • Veröffentlicht 31.01.2019 18:29:00
  • Zuletzt bearbeitet 18.12.2025 15:15:48

An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned...

  • EPSS 3.68%
  • Veröffentlicht 10.01.2019 21:29:00
  • Zuletzt bearbeitet 17.12.2025 22:15:55

In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side.

  • EPSS 3.56%
  • Veröffentlicht 28.08.2018 08:29:00
  • Zuletzt bearbeitet 18.12.2025 12:15:53

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not w...

Exploit
  • EPSS 98.63%
  • Veröffentlicht 17.08.2018 19:29:00
  • Zuletzt bearbeitet 17.12.2025 22:15:54

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-...

  • EPSS 15.72%
  • Veröffentlicht 21.01.2018 22:29:00
  • Zuletzt bearbeitet 29.04.2026 16:16:21

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

  • EPSS 3.36%
  • Veröffentlicht 26.10.2017 03:29:00
  • Zuletzt bearbeitet 28.05.2026 19:16:25

The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.

  • EPSS 13.74%
  • Veröffentlicht 11.04.2017 18:59:00
  • Zuletzt bearbeitet 29.05.2026 21:16:27

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding...

  • EPSS 88.94%
  • Veröffentlicht 13.02.2017 17:59:00
  • Zuletzt bearbeitet 29.05.2026 21:16:29

sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference be...