Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-25136

Опубликовано: 03 фев. 2023
Источник: nvd
CVSS3: 6.5
EPSS Критический

Описание

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:openbsd:openssh:9.1:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*

EPSS

Процентиль: 100%
0.90483
Критический

6.5 Medium

CVSS3

Дефекты

CWE-415

Связанные уязвимости

ubuntu логотип

CVE-2023-25136

CVSS3: 6.5
ubuntu
около 3 лет назад

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

redhat логотип

CVE-2023-25136

CVSS3: 6.5
redhat
около 3 лет назад

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

msrc логотип

CVE-2023-25136

CVSS3: 6.5
msrc
4 месяца назад

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

debian логотип

CVE-2023-25136

CVSS3: 6.5
debian
около 3 лет назад

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability durin ...

github логотип

GHSA-w62j-g234-3f6f

CVSS3: 9.8
github
около 3 лет назад

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration; however, the vulnerability discoverer reports that "exploiting this vulnerability will not be easy."

EPSS

Процентиль: 100%
0.90483
Критический

6.5 Medium

CVSS3

Дефекты

CWE-415