rpm package
suse/openssh-askpass-gnome&distro=SUSE Linux Enterprise Point of Sale 11 SP3
pkg:rpm/suse/openssh-askpass-gnome&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3
Vulnerabilities (14)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-6109 | Med | 6.8 | < 6.6p1-41.18.1 | 6.6p1-41.18.1 | Jan 31, 2019 | An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being | |
| CVE-2019-6111 | — | < 6.6p1-41.18.1 | 6.6p1-41.18.1 | Jan 31, 2019 | An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal att | ||
| CVE-2018-15473 | — | < 6.2p2-0.41.5.1 | 6.2p2-0.41.5.1 | Aug 17, 2018 | OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c. | ||
| CVE-2016-10708 | Hig | 7.5 | < 6.2p2-0.41.5.1 | 6.2p2-0.41.5.1 | Jan 21, 2018 | sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. | |
| CVE-2017-15906 | Med | 5.3 | < 6.2p2-0.41.5.1 | 6.2p2-0.41.5.1 | Oct 26, 2017 | The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. | |
| CVE-2016-1908 | Cri | 9.8 | < 6.2p2-0.33.5 | 6.2p2-0.33.5 | Apr 11, 2017 | The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging conf | |
| CVE-2016-6210 | Med | 5.9 | < 6.2p2-0.33.5 | 6.2p2-0.33.5 | Feb 13, 2017 | sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large p | |
| CVE-2016-10012 | Hig | 7.8 | < 6.2p2-0.41.5.1 | 6.2p2-0.41.5.1 | Jan 5, 2017 | The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation pr | |
| CVE-2016-10011 | Med | 6.2 | < 6.2p2-0.40.3 | 6.2p2-0.40.3 | Jan 5, 2017 | authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process. | |
| CVE-2016-10009 | Hig | 7.3 | < 6.2p2-0.40.3 | 6.2p2-0.40.3 | Jan 5, 2017 | Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket. | |
| CVE-2016-8858 | Hig | 7.5 | < 6.2p2-0.40.3 | 6.2p2-0.40.3 | Dec 9, 2016 | The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a securit | |
| CVE-2016-6515 | Hig | 7.5 | < 6.2p2-0.33.5 | 6.2p2-0.33.5 | Aug 7, 2016 | The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string. | |
| CVE-2015-8325 | Hig | 7.8 | < 6.2p2-0.33.5 | 6.2p2-0.33.5 | May 1, 2016 | The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/logi | |
| CVE-2016-3115 | Med | 6.4 | < 6.2p2-0.33.5 | 6.2p2-0.33.5 | Mar 22, 2016 | Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions. |
- affected < 6.6p1-41.18.1fixed 6.6p1-41.18.1
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the client output, e.g., by using ANSI control codes to hide additional files being
- CVE-2019-6111Jan 31, 2019affected < 6.6p1-41.18.1fixed 6.6p1-41.18.1
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned (only directory traversal att
- CVE-2018-15473Aug 17, 2018affected < 6.2p2-0.41.5.1fixed 6.2p2-0.41.5.1
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
- affected < 6.2p2-0.41.5.1fixed 6.2p2-0.41.5.1
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.
- affected < 6.2p2-0.41.5.1fixed 6.2p2-0.41.5.1
The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files.
- affected < 6.2p2-0.33.5fixed 6.2p2-0.33.5
The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding privileges by leveraging conf
- affected < 6.2p2-0.33.5fixed 6.2p2-0.33.5
sshd in OpenSSH before 7.3, when SHA256 or SHA512 are used for user password hashing, uses BLOWFISH hashing on a static password when the username does not exist, which allows remote attackers to enumerate users by leveraging the timing difference between responses when a large p
- affected < 6.2p2-0.41.5.1fixed 6.2p2-0.41.5.1
The shared memory manager (associated with pre-authentication compression) in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation pr
- affected < 6.2p2-0.40.3fixed 6.2p2-0.40.3
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process.
- affected < 6.2p2-0.40.3fixed 6.2p2-0.40.3
Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-socket.
- affected < 6.2p2-0.40.3fixed 6.2p2-0.40.3
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a securit
- affected < 6.2p2-0.33.5fixed 6.2p2-0.33.5
The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string.
- affected < 6.2p2-0.33.5fixed 6.2p2-0.33.5
The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/logi
- affected < 6.2p2-0.33.5fixed 6.2p2-0.33.5
Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, related to the (1) do_authenticated1 and (2) session_x11_req functions.