Tunneling protocol vulnerabilities
Showing 251 - 255 of 255 CVEs
- CVE-2000-0999 Published Dec 11, 2000
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
- CVE-2000-0525 Published Jun 8, 2000
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
- CVE-2000-0217 Published Feb 24, 2000
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
- CVE-2000-0143 Published Feb 11, 2000
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
- CVE-1999-1010 Published Dec 14, 1999
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.