Summary
| Detail | |||
|---|---|---|---|
| Vendor | Ssh | First view | 2008-01-09 |
| Product | Tectia Server | Last view | 2021-03-15 |
| Version | 5.3.3 | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:ssh:tectia_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7 | 2021-03-15 | CVE-2021-27893 | SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation in nonstandard conditions. ConnectSecure on Windows is affected. |
| 7.8 | 2021-03-15 | CVE-2021-27892 | SSH Tectia Client and Server before 6.4.19 on Windows allow local privilege escalation. ConnectSecure on Windows is affected. |
| 8.8 | 2021-03-15 | CVE-2021-27891 | SSH Tectia Client and Server before 6.4.19 on Windows have weak key generation. ConnectSecure on Windows is affected. |
| 2.6 | 2008-11-19 | CVE-2008-5161 | Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors. |
| 7.2 | 2008-01-09 | CVE-2007-5616 | ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-200 | Information Exposure |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 50036 | OpenSSH CBC Mode Chosen Ciphertext 32-bit Chunk Plaintext Context Disclosure |
| 50035 | SSH Tectia Multiple Products CBC Mode Chosen Ciphertext 32-bit Chunk Plaintex... |
| 42767 | SSH Tectia Client/Server ssh-signer Unspecified Local Privilege Escalation |
OpenVAS Exploits
| id | Description |
|---|---|
| 2011-08-09 | Name : CentOS Update for openssh CESA-2009:1287 centos5 i386 File : nvt/gb_CESA-2009_1287_openssh_centos5_i386.nasl |
| 2010-05-12 | Name : Mac OS X 10.6.2 Update / Mac OS X Security Update 2009-006 File : nvt/macosx_upd_10_6_2_secupd_2009-006.nasl |
| 2009-09-21 | Name : CentOS Security Advisory CESA-2009:1287 (openssh) File : nvt/ovcesa2009_1287.nasl |
| 2009-09-09 | Name : RedHat Security Advisory RHSA-2009:1287 File : nvt/RHSA_2009_1287.nasl |
| 2009-04-23 | Name : OpenSSH CBC Mode Information Disclosure Vulnerability File : nvt/openssh_32319_remote.nasl |
| 2008-12-02 | Name : OpenSSH CBC Mode Information Disclosure Vulnerability File : nvt/secpod_openssh_information_disclosure_vuln_900179.nasl |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2014-10-10 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL14609.nasl - Type: ACT_GATHER_INFO |
| 2014-05-12 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201405-06.nasl - Type: ACT_GATHER_INFO |
| 2014-04-16 | Name: The remote AIX host is running a vulnerable version of OpenSSH. File: aix_openssh_advisory.nasl - Type: ACT_GATHER_INFO |
| 2013-10-28 | Name: The SSH server is configured to use Cipher Block Chaining. File: ssh_cbc_supported_ciphers.nasl - Type: ACT_GATHER_INFO |
| 2012-08-01 | Name: The remote Scientific Linux host is missing one or more security updates. File: sl_20090902_openssh_on_SL5_x.nasl - Type: ACT_GATHER_INFO |
| 2011-09-27 | Name: The SSH service running on the remote host has an information disclosure vuln... File: openssh_plaintext_recovery.nasl - Type: ACT_GATHER_INFO |
| 2011-08-29 | Name: The SSH service running on the remote host has an information disclosure vuln... File: sunssh_plaintext_recovery.nasl - Type: ACT_GATHER_INFO |
| 2010-01-06 | Name: The remote CentOS host is missing one or more security updates. File: centos_RHSA-2009-1287.nasl - Type: ACT_GATHER_INFO |
| 2009-11-09 | Name: The remote host is missing a Mac OS X update that fixes various security issues. File: macosx_SecUpd2009-006.nasl - Type: ACT_GATHER_INFO |
| 2009-09-02 | Name: The remote Red Hat host is missing one or more security updates. File: redhat-RHSA-2009-1287.nasl - Type: ACT_GATHER_INFO |
| 2007-03-18 | Name: The remote host is missing Sun Security Patch number 122300-61 File: solaris9_122300.nasl - Type: ACT_GATHER_INFO |
| 2007-03-18 | Name: The remote host is missing Sun Security Patch number 122301-61 File: solaris9_x86_122301.nasl - Type: ACT_GATHER_INFO |
