SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected.
Max CVSS
7.0
EPSS Score
0.04%
Published
2021-03-15
Updated
2022-07-12
SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected.
Max CVSS
7.8
EPSS Score
0.04%
Published
2021-03-15
Updated
2022-07-12
SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected.
Max CVSS
8.8
EPSS Score
0.10%
Published
2021-03-15
Updated
2021-03-23

CVE-2012-5975

Public exploit
The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.
Max CVSS
9.3
EPSS Score
51.58%
Published
2012-12-04
Updated
2012-12-05
The random number generator in the Crypto application before 2.0.2.2, and SSH before 2.0.5, as used in the Erlang/OTP ssh library before R14B03, uses predictable seeds based on the current time, which makes it easier for remote attackers to guess DSA host and SSH session keys.
Max CVSS
7.8
EPSS Score
0.25%
Published
2011-05-31
Updated
2023-09-25
ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors.
Max CVSS
7.2
EPSS Score
0.04%
Published
2008-01-09
Updated
2020-09-28
SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges.
Max CVSS
7.2
EPSS Score
0.06%
Published
2006-08-23
Updated
2017-07-20
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
Max CVSS
7.2
EPSS Score
0.04%
Published
2006-08-23
Updated
2017-07-20
SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials.
Max CVSS
7.5
EPSS Score
0.62%
Published
2005-12-17
Updated
2011-03-08
SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.
Max CVSS
7.2
EPSS Score
0.04%
Published
2002-12-31
Updated
2017-07-11
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
Max CVSS
7.5
EPSS Score
1.59%
Published
2002-12-31
Updated
2017-07-11
Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL.
Max CVSS
10.0
EPSS Score
1.80%
Published
2002-11-25
Updated
2017-07-11
SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.
Max CVSS
7.2
EPSS Score
0.06%
Published
2002-11-25
Updated
2017-07-11
SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not.
Max CVSS
7.5
EPSS Score
0.40%
Published
2001-01-18
Updated
2017-07-11
SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.
Max CVSS
7.5
EPSS Score
0.55%
Published
2001-01-18
Updated
2017-07-11
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.
Max CVSS
7.5
EPSS Score
0.26%
Published
2001-01-18
Updated
2017-07-11
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.
Max CVSS
7.5
EPSS Score
1.61%
Published
2001-08-22
Updated
2008-09-05
SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-08-14
Updated
2017-10-10
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
Max CVSS
7.5
EPSS Score
0.54%
Published
2001-06-27
Updated
2008-09-05
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
Max CVSS
10.0
EPSS Score
12.25%
Published
2001-03-12
Updated
2018-05-03
SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.
Max CVSS
7.2
EPSS Score
0.25%
Published
2000-07-05
Updated
2017-10-10
SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.
Max CVSS
7.5
EPSS Score
0.87%
Published
1999-05-13
Updated
2017-12-19
SSH 1.2.25 on HP-UX allows access to new user accounts.
Max CVSS
7.5
EPSS Score
1.50%
Published
1998-09-01
Updated
2022-08-17
A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.
Max CVSS
10.0
EPSS Score
11.70%
Published
1999-01-01
Updated
2008-09-05
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
Max CVSS
7.5
EPSS Score
0.04%
Published
1998-01-22
Updated
2022-08-17
25 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!