厂商或团体 openbsd 的搜索结果 (254)

CVE-2015-6565(发布:2015-08-23 21:59:02)NMPS
CVSS7.2

[原文]sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by writing to a device, as demonstrated by writing an escape sequence.

CVE-2015-6564(发布:2015-08-23 21:59:01)NMP
CVSS6.9

[原文]Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging control of the sshd uid to send an unexpectedly early MONITOR_REQ_PAM_FREE_CTX request.

CVE-2015-6563(发布:2015-08-23 21:59:00)NMP
CVSS1.9

[原文]The monitor component in sshd in OpenSSH before 7.0 on non-OpenBSD platforms accepts extraneous username data in MONITOR_REQ_PAM_INIT_CTX requests, which allows local users to conduct impersonation attacks by leveraging any SSH login access in conjunction with control of the sshd uid to send a crafted MONITOR_REQ_PWNAM request, related to monitor.c and monitor_wrap.c.

CVE-2015-5600(发布:2015-08-02 21:59:03)NMCPS
CVSS8.5

[CNNVD]OpenSSH sshd 安全漏洞--OpenSSH(OpenBSD Secure Shell)是OpenBSD计划组所维护的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 6.9及之前版本的sshd中的au...

CVE-2015-5352(发布:2015-08-02 21:59:01)NMPS
CVSS4.3

[原文]The x11_open_helper function in channels.c in ssh in OpenSSH before 6.9, when ForwardX11Trusted mode is not used, lacks a check of the refusal deadline for X connections, which makes it easier for remote attackers to bypass intended access restrictions via a connection outside of the permitted time window.

CVE-2014-9424(发布:2014-12-28 19:59:01)NMC
CVSS7.5

[CNNVD]LibreSSL 双重释放漏洞--LibreSSL是OpenBSD项目开发的一个OpenSSL加密软件库的分支,也是安全套接层(SSL)和传输层安全(TLS)协议的开源实现。 LibreSSL 2.1.1及之前版本的d1_srtp.c文件中的‘ssl_parse_clienthello_use_srt...

首页上一页345678910下一页尾页 第5页 / 共43页

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站