Количество 13
Количество 13
CVE-2015-5600
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5600
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5600
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2015-5600
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH th ...
GHSA-6x25-gfx2-5crp
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
BDU:2022-07484
Уязвимость функции kbdint_next_device() службы sshd средства криптографической защиты OpenSSH, позволяющая нарушителю реализовать атаку методом «грубой силы» (brute force) или вызвать отказ в обслуживании
ELSA-2016-3531
ELSA-2016-3531: openssh security update (IMPORTANT)
ELSA-2016-0466
ELSA-2016-0466: openssh security update (MODERATE)
SUSE-SU-2015:1840-1
Security update for openssh
ELSA-2015-2088
ELSA-2015-2088: openssh security, bug fix, and enhancement update (MODERATE)
SUSE-SU-2015:1695-1
Security update for openssh
SUSE-SU-2015:1581-1
Security update for openssh
SUSE-SU-2015:1544-1
Security update for openssh
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. | CVSS2: 8.5 | 71% Высокий | больше 10 лет назад |
 | CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. | CVSS2: 4.3 | 71% Высокий | больше 10 лет назад |
 | CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. | CVSS2: 8.5 | 71% Высокий | больше 10 лет назад |
| CVE-2015-5600 The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH th ... | CVSS2: 8.5 | 71% Высокий | больше 10 лет назад |
| GHSA-6x25-gfx2-5crp The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list. | 71% Высокий | больше 3 лет назад | |
 | BDU:2022-07484 Уязвимость функции kbdint_next_device() службы sshd средства криптографической защиты OpenSSH, позволяющая нарушителю реализовать атаку методом «грубой силы» (brute force) или вызвать отказ в обслуживании | CVSS3: 8.2 | 71% Высокий | больше 10 лет назад |
| ELSA-2016-3531 ELSA-2016-3531: openssh security update (IMPORTANT) | почти 10 лет назад | ||
| ELSA-2016-0466 ELSA-2016-0466: openssh security update (MODERATE) | почти 10 лет назад | ||
 | SUSE-SU-2015:1840-1 Security update for openssh | больше 10 лет назад | ||
| ELSA-2015-2088 ELSA-2015-2088: openssh security, bug fix, and enhancement update (MODERATE) | около 10 лет назад | ||
| SUSE-SU-2015:1695-1 Security update for openssh | больше 10 лет назад | ||
| SUSE-SU-2015:1581-1 Security update for openssh | больше 10 лет назад | ||
| SUSE-SU-2015:1544-1 Security update for openssh | больше 10 лет назад |
Уязвимостей на страницу