Количество 58
Количество 58
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before...
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.
CVE-2023-48795
CVE-2023-48795
The SSH transport protocol with certain OpenSSH extensions, found in O ...
openSUSE-SU-2024:0135-1
Security update for gitui
openSUSE-SU-2024:0036-1
Security update for tinyssh
openSUSE-SU-2024:0005-1
Security update for putty
openSUSE-SU-2023:0421-1
Security update for proftpd
openSUSE-SU-2023:0411-1
Security update for putty
SUSE-SU-2024:0974-1
Security update for jsch-agent-proxy
SUSE-SU-2024:0972-1
Security update for jbcrypt, trilead-ssh2
SUSE-SU-2024:0558-1
Security update for libssh2_org
SUSE-SU-2024:0543-1
Security update for libssh2_org
SUSE-SU-2024:0460-1
Security update for rekor
SUSE-SU-2024:0430-1
Security update for cosign
SUSE-SU-2024:0327-1
Security update for bouncycastle, jsch
SUSE-SU-2024:0210-1
Security update for erlang
SUSE-SU-2024:0035-1
Security update for python-paramiko
SUSE-SU-2024:0006-1
Security update for libssh2_org
SUSE-SU-2023:4946-1
Security update for libssh2_org
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-48795 The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before... | CVSS3: 5.9 | 77% Высокий | больше 1 года назад |
 | CVE-2023-48795 The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0. | CVSS3: 5.9 | 77% Высокий | больше 1 года назад |
 | CVSS3: 5.9 | 77% Высокий | 10 месяцев назад | |
| CVE-2023-48795 The SSH transport protocol with certain OpenSSH extensions, found in O ... | CVSS3: 5.9 | 77% Высокий | больше 1 года назад |
 | openSUSE-SU-2024:0135-1 Security update for gitui | 77% Высокий | около 1 года назад | |
| openSUSE-SU-2024:0036-1 Security update for tinyssh | 77% Высокий | больше 1 года назад | |
| openSUSE-SU-2024:0005-1 Security update for putty | 77% Высокий | больше 1 года назад | |
| openSUSE-SU-2023:0421-1 Security update for proftpd | 77% Высокий | больше 1 года назад | |
| openSUSE-SU-2023:0411-1 Security update for putty | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0974-1 Security update for jsch-agent-proxy | 77% Высокий | около 1 года назад | |
| SUSE-SU-2024:0972-1 Security update for jbcrypt, trilead-ssh2 | 77% Высокий | около 1 года назад | |
| SUSE-SU-2024:0558-1 Security update for libssh2_org | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0543-1 Security update for libssh2_org | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0460-1 Security update for rekor | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0430-1 Security update for cosign | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0327-1 Security update for bouncycastle, jsch | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0210-1 Security update for erlang | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0035-1 Security update for python-paramiko | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2024:0006-1 Security update for libssh2_org | 77% Высокий | больше 1 года назад | |
| SUSE-SU-2023:4946-1 Security update for libssh2_org | 77% Высокий | больше 1 года назад |
Уязвимостей на страницу