All the vulnerabilites related to ssh - tectia_connector
cve-2008-5161
Vulnerability from cvelistv5
Published
2008-11-19 17:00
Modified
2024-08-07 10:40
Severity ?
EPSS score ?
Summary
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T10:40:17.282Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://openssh.org/txt/cbc.adv"
},
{
"name": "247186",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"
},
{
"name": "32319",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/32319"
},
{
"name": "33121",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33121"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"name": "49872",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/49872"
},
{
"name": "33308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/33308"
},
{
"name": "RHSA-2009:1287",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-1287.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"
},
{
"name": "1021382",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021382"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
},
{
"name": "50036",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50036"
},
{
"name": "32833",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32833"
},
{
"name": "36558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36558"
},
{
"name": "50035",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/50035"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/article/953/"
},
{
"name": "1021235",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021235"
},
{
"name": "34857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/34857"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.attachmate.com/techdocs/2398.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"
},
{
"name": "ADV-2008-3173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3173"
},
{
"name": "20081123 Revised: OpenSSH security advisory: cbc.adv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498579/100/0/threaded"
},
{
"name": "openssh-sshtectia-cbc-info-disclosure(46620)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"
},
{
"name": "32740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32740"
},
{
"name": "ADV-2009-1135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1135"
},
{
"name": "32760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32760"
},
{
"name": "ADV-2009-3184",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "1021236",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1021236"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10106"
},
{
"name": "HPSBMA02447",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://isc.sans.org/diary.html?storyid=5366"
},
{
"name": "APPLE-SA-2009-11-09-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE",
"x_transferred"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "SSRT090062",
"tags": [
"vendor-advisory",
"x_refsource_HP",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"name": "ADV-2008-3409",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3409"
},
{
"name": "ADV-2008-3172",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/3172"
},
{
"name": "oval:org.mitre.oval:def:11279",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"
},
{
"name": "20081121 OpenSSH security advisory: cbc.adv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/498558/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.apple.com/kb/HT3937"
},
{
"name": "VU#958563",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/958563"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-11-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://openssh.org/txt/cbc.adv"
},
{
"name": "247186",
"tags": [
"vendor-advisory",
"x_refsource_SUNALERT"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"
},
{
"name": "32319",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/32319"
},
{
"name": "33121",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33121"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"name": "49872",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/49872"
},
{
"name": "33308",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/33308"
},
{
"name": "RHSA-2009:1287",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2009-1287.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"
},
{
"name": "1021382",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021382"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
},
{
"name": "50036",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50036"
},
{
"name": "32833",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32833"
},
{
"name": "36558",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36558"
},
{
"name": "50035",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/50035"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/article/953/"
},
{
"name": "1021235",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021235"
},
{
"name": "34857",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/34857"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.attachmate.com/techdocs/2398.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"
},
{
"name": "ADV-2008-3173",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3173"
},
{
"name": "20081123 Revised: OpenSSH security advisory: cbc.adv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498579/100/0/threaded"
},
{
"name": "openssh-sshtectia-cbc-info-disclosure(46620)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"
},
{
"name": "32740",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32740"
},
{
"name": "ADV-2009-1135",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1135"
},
{
"name": "32760",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32760"
},
{
"name": "ADV-2009-3184",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "1021236",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1021236"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10106"
},
{
"name": "HPSBMA02447",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://isc.sans.org/diary.html?storyid=5366"
},
{
"name": "APPLE-SA-2009-11-09-1",
"tags": [
"vendor-advisory",
"x_refsource_APPLE"
],
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "SSRT090062",
"tags": [
"vendor-advisory",
"x_refsource_HP"
],
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"name": "ADV-2008-3409",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3409"
},
{
"name": "ADV-2008-3172",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/3172"
},
{
"name": "oval:org.mitre.oval:def:11279",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"
},
{
"name": "20081121 OpenSSH security advisory: cbc.adv",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/498558/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.apple.com/kb/HT3937"
},
{
"name": "VU#958563",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/958563"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-5161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://openssh.org/txt/cbc.adv",
"refsource": "CONFIRM",
"url": "http://openssh.org/txt/cbc.adv"
},
{
"name": "247186",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"
},
{
"name": "32319",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/32319"
},
{
"name": "33121",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33121"
},
{
"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667",
"refsource": "CONFIRM",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"name": "49872",
"refsource": "OSVDB",
"url": "http://osvdb.org/49872"
},
{
"name": "33308",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/33308"
},
{
"name": "RHSA-2009:1287",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2009-1287.html"
},
{
"name": "http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt",
"refsource": "MISC",
"url": "http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"
},
{
"name": "1021382",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021382"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
},
{
"name": "50036",
"refsource": "OSVDB",
"url": "http://osvdb.org/50036"
},
{
"name": "32833",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32833"
},
{
"name": "36558",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36558"
},
{
"name": "50035",
"refsource": "OSVDB",
"url": "http://osvdb.org/50035"
},
{
"name": "http://www.ssh.com/company/news/article/953/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/article/953/"
},
{
"name": "1021235",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021235"
},
{
"name": "34857",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/34857"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm",
"refsource": "MISC",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"
},
{
"name": "http://support.attachmate.com/techdocs/2398.html",
"refsource": "CONFIRM",
"url": "http://support.attachmate.com/techdocs/2398.html"
},
{
"name": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html",
"refsource": "CONFIRM",
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"
},
{
"name": "ADV-2008-3173",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3173"
},
{
"name": "20081123 Revised: OpenSSH security advisory: cbc.adv",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498579/100/0/threaded"
},
{
"name": "openssh-sshtectia-cbc-info-disclosure(46620)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"
},
{
"name": "32740",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32740"
},
{
"name": "ADV-2009-1135",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1135"
},
{
"name": "32760",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32760"
},
{
"name": "ADV-2009-3184",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"name": "1021236",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1021236"
},
{
"name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10106",
"refsource": "CONFIRM",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10106"
},
{
"name": "HPSBMA02447",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"name": "http://isc.sans.org/diary.html?storyid=5366",
"refsource": "MISC",
"url": "http://isc.sans.org/diary.html?storyid=5366"
},
{
"name": "APPLE-SA-2009-11-09-1",
"refsource": "APPLE",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"name": "SSRT090062",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"name": "ADV-2008-3409",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3409"
},
{
"name": "ADV-2008-3172",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/3172"
},
{
"name": "oval:org.mitre.oval:def:11279",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"
},
{
"name": "20081121 OpenSSH security advisory: cbc.adv",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/498558/100/0/threaded"
},
{
"name": "http://support.apple.com/kb/HT3937",
"refsource": "CONFIRM",
"url": "http://support.apple.com/kb/HT3937"
},
{
"name": "VU#958563",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/958563"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-5161",
"datePublished": "2008-11-19T17:00:00",
"dateReserved": "2008-11-19T00:00:00",
"dateUpdated": "2024-08-07T10:40:17.282Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5484
Vulnerability from cvelistv5
Published
2006-10-24 22:00
Modified
2024-08-07 19:55
Severity ?
EPSS score ?
Summary
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017060 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/22350 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2006/4032 | vdb-entry, x_refsource_VUPEN | |
| http://www.ssh.com/company/news/2006/english/security/article/786/ | x_refsource_CONFIRM | |
| http://www.kb.cert.org/vuls/id/845620 | third-party-advisory, x_refsource_CERT-VN | |
| http://securitytracker.com/id?1017061 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:52.735Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017061"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017060",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017061"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5484",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017060",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017060"
},
{
"name": "22350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22350"
},
{
"name": "ADV-2006-4032",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/786/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"name": "VU#845620",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"name": "1017061",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017061"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5484",
"datePublished": "2006-10-24T22:00:00",
"dateReserved": "2006-10-24T00:00:00",
"dateUpdated": "2024-08-07T19:55:52.735Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-4315
Vulnerability from cvelistv5
Published
2006-08-23 22:00
Modified
2024-08-07 19:06
Severity ?
EPSS score ?
Summary
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/19679 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1016743 | vdb-entry, x_refsource_SECTRACK | |
| http://www.ssh.com/company/news/2006/english/security/article/775/ | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/28566 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:06:07.126Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "19679",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016743"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-08-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "19679",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016743"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-4315",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "19679",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/19679"
},
{
"name": "1016743",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016743"
},
{
"name": "http://www.ssh.com/company/news/2006/english/security/article/775/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"name": "ssh-tectia-pathname-privilege-escalation(28566)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-4315",
"datePublished": "2006-08-23T22:00:00",
"dateReserved": "2006-08-23T00:00:00",
"dateUpdated": "2024-08-07T19:06:07.126Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2008-11-19 17:30
Modified
2024-11-21 00:53
Severity ?
Summary
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B042083-6D26-4A91-B3F6-E6D46266FF60",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6693DC2D-CDA1-4E37-9569-58874F55A48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16CDE975-9E08-493B-9385-3EC2CABC4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8A63EA6B-2400-48C4-924D-3509971CCBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0658F08E-2596-4D8E-91AA-44A9DBE8F151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "74169893-A34F-49FB-8C83-36C4AA808925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "013E94CC-AF68-44D0-826F-28B1825A8DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9981E30-0D54-4464-8287-E450E7E8F770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4ED17577-F56D-48DF-8863-B4FF039C47D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B74A91E2-C93E-49F4-B349-8E4CEC285C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.1j:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7244A-BFF7-4C7C-82FF-6B53236DB86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5BADA4CC-FC94-427A-AF93-9AAFDAADDB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.2j:*:*:*:*:*:*:*",
"matchCriteriaId": "1356E837-2CF3-4AF9-80DD-FA2A97B3B2F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1D6B7F-8B52-42C0-8613-740CACFB3463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5024EC6-2A47-4ACE-A661-B78D314C7D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA64A6E8-0EB7-4BCA-A7AA-245A466C2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5058DC44-835D-4BD9-B550-E5CB22F6475F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "23ED4911-6CF5-4562-B421-A328D7BE0291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.8k:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F3388A-39FA-4A3A-819A-764A16AAEB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.9k:*:*:*:*:*:*:*",
"matchCriteriaId": "C90B0480-C558-41BD-A16C-AD63DA1C09C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81DDF3D8-35EA-4677-B1AC-1CA674EEBCD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F37366E9-F1B6-4458-AE1C-790405AC8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C727829-5E3A-41F6-BAB3-01AED39674D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF57477-FB53-49CC-BAD4-CDC0FD9363F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65FB72FC-37EE-4D42-893E-9C0924EEA2E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "D863ED8D-2B63-4497-B250-6AFA29D6D9D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "D2BF5D4C-DFF8-4094-82A6-A1302169CD43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "F5C5413C-47F1-4E3B-B618-2AECECA780FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "490A294D-AB7C-45C2-B887-1C3D2992AD91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "43712853-9002-4778-9036-754262880B3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "41A83090-D05D-40DD-AA29-F032CC165A9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C5BCE145-44F4-4FED-8936-3AEBF8B38357",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.0f:*:*:*:*:*:*:*",
"matchCriteriaId": "888C2DE3-2874-4310-9584-3AC96A82C306",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6587AA-E91D-4194-81D0-FCF1AA382CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.1f:*:*:*:*:*:*:*",
"matchCriteriaId": "237D84A0-3FC3-4CFD-9454-ACD9E42DCC4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A6B2C7F5-8182-48B8-AA8A-C0F45978D3D4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.2f:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EAC7A0-CD7D-4AE9-8421-9CDFFD073B5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17855D5D-BDF5-48D3-9D71-694A3D41A826",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.3f:*:*:*:*:*:*:*",
"matchCriteriaId": "3915E4A8-6CCF-44A3-85B9-70651137C084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A5DEDB4-7E16-4356-B080-09BCDA68772F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FC9DBDC7-DDF0-4596-84BC-E4E05F47F938",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "36FA61F9-CE29-47B0-AF2A-B1045A59018E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9B338837-6346-48FC-A4D7-011EC20ACF61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8644D458-786D-4310-BAA8-40B2E27EA966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D4746C2E-91B1-4341-9CCD-78191BDF9A28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5F3FCC3E-F3D5-4F90-B64F-85576E8B776B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "17672CBB-A79F-4B91-9B01-193F960A4611",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "177E5CE0-A518-447F-9397-FC527E367077",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C808743-BFAF-4BB4-B0F0-13DF2C7D5531",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB90715C-E50C-4682-8C94-DE5CBCAA9965",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6A8F8009-3586-4989-B180-2F46503DA59B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "44DDAAA8-185D-47FE-8434-E2FC000BD926",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "F2E5D670-FB1F-4560-A5A0-149FB4FCD2CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "49A0662D-9356-4DC9-8082-58DBEE5C65FB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "4E858413-3408-4A77-B56D-5016959FC690",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "CFFB475D-7996-48B3-8886-9000C6230414",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5E56BFE1-044A-45AC-BF9C-C0CFBD2F8C7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4E72BBCB-636C-4939-90B7-308223E433EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A5884968-F218-4CD4-AD4B-4C0CD26EF674",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "56FD197E-27E9-4AF4-8A84-E1D0A7FD14DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "5DCD63A2-B666-4F5E-9D17-ED38B0BF973C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "63E32B6A-AF41-4AEA-B55B-52B821106D00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18FBF-1C2E-4D2F-9D3C-C6578CCBDB50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0824B78E-EB43-4D74-9062-79D0F273B06E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A76B02F-C2C8-4A35-A60A-EC74F43B8895",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F8CD470B-274F-421C-AD4D-6D076935D741",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C30FE48E-857E-441C-B497-B6E541D2913F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "1A813EED-25AC-4191-92E8-58C1BC7D1E5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8719CEF9-6753-495B-9ACB-9E323CB7BCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "553D3277-1B91-4998-A610-7E5D3E2C1413",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "17886B3D-394C-4C94-93B2-FAB23B45C880",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "7584F9C5-41E9-4F84-9849-B5D604BB55A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "00008DAA-F66D-484B-941B-944F3E684981",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "EEF4DE0B-ED77-49CE-AE0C-2AF2AE35FB78",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "38EF9A76-6D83-4C99-A1DE-DC7E5AF28731",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:4.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "3C13F8DE-007E-467E-9872-9C4A951F1EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "698824F0-DDFA-4469-8D42-59A56ACD6B5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "30A3B9E9-3643-443B-A19A-2AE989832C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "F86A43A5-0906-405E-B3D0-250DA24A9093",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "3126AFB2-A043-4C51-8402-D36D2F62AA73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B00D37C5-5C79-46F9-97B7-555E48C53796",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "55A817B6-CD13-4E0A-99DD-C5C39DF04C8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6C6F7054-6EDF-4F25-945E-E24F00A4A2B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "16BEBCBF-8826-4451-9B6B-802BD8A4FA99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "59F1EE63-6CF7-440D-BC5B-23D721996275",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5C446EEE-3D06-485D-A031-2DA2A6501712",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7F90B0C0-1CA9-47F8-B603-D6C15CF33352",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D7292ADB-5D2C-4569-93B5-76125D71E3AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "2810AD0C-4C6F-4B07-8D72-2D640219AE82",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "06C3FAFB-90D2-4C6D-A210-27297926433E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "78E26C82-CA31-4EBB-9635-D895B04D90E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connectsecure:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "170C4ADE-68C7-4F73-BD64-800D8E07F5E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connectsecure:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "7FB022A4-BFF0-4154-A8B6-C38B6C09A1BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connectsecure:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "026CCB02-C710-4AEA-B002-852AD4A3DCDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connectsecure:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "02ACCEFF-1301-4118-BFCA-877F7A1D84B6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connectsecure:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "625EE79F-33C9-4272-A37C-F82921950EA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4480D2-1B5C-443D-8D7F-976885C33BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "795DEA94-79D6-4132-B205-AB098E92216A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD05A3E8-105D-4712-8BBE-2D5CF4F78890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6691FF-77F2-4AE3-B49F-BFB8744AD046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.7:*:*:*:*:*:*:*",
"matchCriteriaId": "E58648AC-7288-46EC-B2BB-0805626BA31C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "3F8A31AD-D2E8-45DC-BF80-BD102B1FBC83",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "62FBDA08-566F-4D21-8186-4A287FD2F107",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.1.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8B1DB64D-028A-422F-B106-873A45789A89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "12509D69-71AF-48AF-986F-04A7E248011A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "075B6E8D-4C4B-4E98-94C6-52B842BE65FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BEDF9DB2-6C3D-4BF5-BF55-818C3932CF93",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B99F6E-712C-4205-9185-26F543EFC881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F31FAA8F-EE03-4A7F-B0DE-BB4CE998FEB8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF0262B-1451-40CA-9DD1-F2DEA793BD61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C27E0224-9431-49EF-8B32-850CDF6FFFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88A88A21-7427-4452-8C2A-6C31542FA83C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCEAA0-509A-4978-BE53-0CBE084366FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3203DC73-05F2-4A28-9E62-3D87B482586A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDA1AAC-3FCF-47D8-A6B4-9DB0D776CE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "64F4CDF1-695A-4677-A829-74BB365BF4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF55DD-FC87-42A3-9DAF-9862AA9649CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "61188360-C55E-47AD-8C3E-043689249DA4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5A5BCE08-8940-4658-A4D7-5CAD33D3751C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0FA974-7671-4FB7-BB36-274B5970EBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "011F841A-4F1B-49B2-B379-9FE126141568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C54819-CF51-4BBE-873F-4A0E2072D10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "743C5472-860C-48A6-AED7-BB00B6E91440",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.7:*:*:*:*:*:*:*",
"matchCriteriaId": "2094ACB3-635A-437D-AF0E-4BFEB496EDF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.8:*:*:*:*:*:*:*",
"matchCriteriaId": "40BE9A01-DEE5-4CD4-8C01-6689707A47EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.9:*:*:*:*:*:*:*",
"matchCriteriaId": "2838C7E9-F247-491B-AAD1-680927044C24",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.10:*:*:*:*:*:*:*",
"matchCriteriaId": "EAB99E2A-AF4D-4436-9C4F-EB043F8D16A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.11:*:*:*:*:*:*:*",
"matchCriteriaId": "86E5680C-2E57-4BFA-9D60-B560BA819039",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "83D8769C-E438-4805-955A-4EA7A274F036",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2E96C8-F8F8-4002-B242-3ADDF1E84B7D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2ADC814-3F33-47F6-AE27-7233F5D337AF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "5B56052F-6768-41D6-9E91-F1377EB4E122",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "9803DD4B-C48D-45EA-8154-C1C626DBDED2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "702A52AE-4E48-4138-8856-9EBE5A8DA964",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.1.1:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "B8C108AB-0C7C-4B58-8B54-C92C95A6B65D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "509B3B08-533C-46CE-B53F-5A2BFC553C53",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "F0F992DB-F70C-4473-8C33-B5F59BD83A57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "84D8E570-70B9-42CF-9764-238AAF6B380F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.0:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "9E582465-CC4A-4827-8C1F-548F01D6FCF1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.1:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "60515678-F93E-46CC-94EF-0EF9B2091D76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4054251B-98C7-4AC9-B610-BA0EB250972C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.2:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "5B4AC671-C67D-46EC-9FB2-720F0DC3D4EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "6A93E9C5-91A4-4FC1-871B-ECE0E0FAFAA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.2.4:*:*:*:*:*:*:*",
"matchCriteriaId": "958F4FB0-C7DA-48D8-9500-A4A43ED807E3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8D772EE8-FB18-4431-89D8-FAF42797A2DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.0:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "A3A30FB0-35AB-4CF2-B74D-68015044770B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "75DA0AC9-E2BF-40C7-B970-43D0283FCC6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "EA26CDDC-24FD-4FFD-BA5E-79F55BC8DA00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1003EDA5-E22E-4A4E-A289-660E823EE71F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "844003FE-63E9-4E2F-83E6-02798B753FB4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "7ED73DCC-6501-4DA8-B0C0-45F1A6E97BF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "711A3119-3390-48A9-8579-1D768D66386D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "798BE0FE-52F1-4283-8A0D-3E769A3752C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "9F77CD27-4E7E-4B4A-9363-FC87B611338A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.4.0:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "09B1AFF1-4F5D-42F0-A3A7-91BB9854B561",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.4.1:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "01872E42-E249-48AB-9259-FF3B0F3CAA4D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.4.2:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "B73B06FD-3452-4900-AE09-44172A1EF174",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.5.0:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "DC126AA4-30B6-429B-A981-E4F0BCE03DE6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.5.1:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "1932FFE5-DC06-4560-ADA7-4C993B8A880D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.0:*:*:*:*:*:*:*",
"matchCriteriaId": "67BA8F3E-57F3-4388-8CD0-431AAA8DDB36",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.0:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "2BDEED3F-3936-429C-957E-9E3EE455445C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "71C39323-60AF-4CB5-BA5A-1F45353614F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.1:*:ibm_zos:*:*:*:*:*",
"matchCriteriaId": "3FE3D768-A3CF-422A-9EE2-6256E3ADDBEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "6D8E4B95-A551-4839-995F-5667CD215540",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8B474CD5-DEC0-49DB-992D-658A3C573982",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "DB98ADBD-7FBB-4495-A71B-8EF9A6EAC33B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:6.0.4:*:linux_ibm_zos:*:*:*:*:*",
"matchCriteriaId": "356A4B29-4BE7-4D33-8B64-CECCA6C24FAF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors."
},
{
"lang": "es",
"value": "Error en el manejo del protocolo SSH en (1) SSH Tectia Client y Server y Connector 4v.0 a la v4.4.11, v5.0 a la v5.2.4, y v5.3 a la v5.3.8; Client y Server y ConnectSecure v6.0 a la v6.0.4; Server para Linux sobre IBM System z v6.0.4; Server para IBM z/OS v5.5.1 y anteriores, v6.0.0, y v6.0.1; y Client v4.0-J a la v4.3.3-J y v4.0-K a la v4.3.10-K; y (2) OpenSSH v4.7p1 y posiblemente otras versiones, cuando usan un algoritmo de bloque cifrado en el modo Cipher Block Chaining (CBC), facilita a los atacantes remotos el conseguir cierta informaci\u00f3n en texto plano desde cualquier bloque de texto cifrado de su elecci\u00f3n en una sessi\u00f3n SSH mediante vectores de ataque desconocidos."
}
],
"evaluatorComment": "http://securitytracker.com/alerts/2008/Nov/1021235.html\n\nCBC mode connections are affected",
"evaluatorSolution": "With a valid username and password patches are available at the following link:\nhttps://downloads.ssh.com/",
"id": "CVE-2008-5161",
"lastModified": "2024-11-21T00:53:25.890",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-11-19T17:30:00.670",
"references": [
{
"source": "cve@mitre.org",
"url": "http://isc.sans.org/diary.html?storyid=5366"
},
{
"source": "cve@mitre.org",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "cve@mitre.org",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://openssh.org/txt/cbc.adv"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/49872"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50035"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/50036"
},
{
"source": "cve@mitre.org",
"url": "http://rhn.redhat.com/errata/RHSA-2009-1287.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32740"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32760"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/32833"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33121"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/33308"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/34857"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/36558"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.apple.com/kb/HT3937"
},
{
"source": "cve@mitre.org",
"url": "http://support.attachmate.com/techdocs/2398.html"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"
},
{
"source": "cve@mitre.org",
"url": "http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/958563"
},
{
"source": "cve@mitre.org",
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498558/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/498579/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/32319"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021235"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021236"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1021382"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ssh.com/company/news/article/953/"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3172"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3173"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2008/3409"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/1135"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"
},
{
"source": "cve@mitre.org",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"source": "cve@mitre.org",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10106"
},
{
"source": "cve@mitre.org",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://isc.sans.org/diary.html?storyid=5366"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=125017764422557\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://openssh.org/txt/cbc.adv"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/49872"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50035"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/50036"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rhn.redhat.com/errata/RHSA-2009-1287.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32740"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/32760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/32833"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/33308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/34857"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/36558"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.apple.com/kb/HT3937"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.attachmate.com/techdocs/2398.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/958563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498558/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/498579/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/32319"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021235"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1021382"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.ssh.com/company/news/article/953/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3173"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/3409"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1135"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/3184"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10106"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"
}
],
"sourceIdentifier": "cve@mitre.org",
"vendorComments": [
{
"comment": "This issue was addressed for Red Hat Enterprise Linux 5 by\nhttps://rhn.redhat.com/errata/RHSA-2009-1287.html\n\nAfter reviewing the upstream fix for this issue, Red Hat does not intend to address this flaw in Red Hat Enterprise Linux 3 or 4 at this time.",
"lastModified": "2009-09-02T00:00:00",
"organization": "Red Hat"
}
],
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-24 22:07
Modified
2024-11-21 00:19
Severity ?
Summary
SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ssh | tectia_client | * | |
| ssh | tectia_connector | * | |
| ssh | tectia_manager | * | |
| ssh | tectia_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ssh:tectia_client:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2E317E29-0436-4DE5-BEAE-360919F81533",
"versionEndIncluding": "5.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:*:*:*:*:*:*:*:*",
"matchCriteriaId": "AD202BF8-1A73-44DA-93FB-DA21A7825B93",
"versionEndIncluding": "5.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "821AFCAC-3769-4891-B62C-042803023BB7",
"versionEndIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F63849B9-02E1-4361-9686-8C90C7ADDA72",
"versionEndIncluding": "5.1.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339."
},
{
"lang": "es",
"value": "SSH Tectia Client/Server/Connector 5.1.0 y anteriores, Manager 2.2.0 y anteriores, y otros productos, al usar una clave RSA con exponente 3, borra el relleno PKCS-1 antes de generar un hash, lo cual permite a atacantes remotos forjar una firma PKCS #1 v1.5 que es firmada por esa clave RSA y evita que Tectia verifique correctamente certificados X.509 y otros certificados que usan PKCS #1, un asunto similar a CVE-2006-4339."
}
],
"evaluatorSolution": "Update to a fixed version",
"id": "CVE-2006-5484",
"lastModified": "2024-11-21T00:19:24.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-24T22:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22350"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1017061"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/22350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1017060"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1017061"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/845620"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/786/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2006/4032"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-08-23 22:04
Modified
2024-11-21 00:15
Severity ?
Summary
Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6693DC2D-CDA1-4E37-9569-58874F55A48A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "16CDE975-9E08-493B-9385-3EC2CABC4A15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8A63EA6B-2400-48C4-924D-3509971CCBEE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "0658F08E-2596-4D8E-91AA-44A9DBE8F151",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "74169893-A34F-49FB-8C83-36C4AA808925",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "013E94CC-AF68-44D0-826F-28B1825A8DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C9981E30-0D54-4464-8287-E450E7E8F770",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "4ED17577-F56D-48DF-8863-B4FF039C47D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "B74A91E2-C93E-49F4-B349-8E4CEC285C03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.1j:*:*:*:*:*:*:*",
"matchCriteriaId": "FBF7244A-BFF7-4C7C-82FF-6B53236DB86D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5BADA4CC-FC94-427A-AF93-9AAFDAADDB91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "8F1D6B7F-8B52-42C0-8613-740CACFB3463",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "D5024EC6-2A47-4ACE-A661-B78D314C7D0F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA64A6E8-0EB7-4BCA-A7AA-245A466C2F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5058DC44-835D-4BD9-B550-E5CB22F6475F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "23ED4911-6CF5-4562-B421-A328D7BE0291",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.3.8k:*:*:*:*:*:*:*",
"matchCriteriaId": "E7F3388A-39FA-4A3A-819A-764A16AAEB54",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "81DDF3D8-35EA-4677-B1AC-1CA674EEBCD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F37366E9-F1B6-4458-AE1C-790405AC8740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "8C727829-5E3A-41F6-BAB3-01AED39674D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "1CF57477-FB53-49CC-BAD4-CDC0FD9363F5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "65FB72FC-37EE-4D42-893E-9C0924EEA2E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B18D681B-ACE1-47E3-851D-57DA47D1E2F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F470797-BBE4-4360-A38A-2722B8CF3BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_client:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "FB6587AA-E91D-4194-81D0-FCF1AA382CAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D921A61E-D401-404E-B539-DAFE05D001F7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_connector:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "30A3B9E9-3643-443B-A19A-2AE989832C50",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_manager:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "207A0CC3-240E-467E-A82D-DB9751378C2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_manager:1.4:*:*:*:*:*:*:*",
"matchCriteriaId": "23D62693-EA3F-406E-AC66-79B1CD566F1C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_manager:2.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9CF059D3-7250-44F9-9337-AD66A0F28071",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3E4480D2-1B5C-443D-8D7F-976885C33BDA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "795DEA94-79D6-4132-B205-AB098E92216A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*",
"matchCriteriaId": "CD05A3E8-105D-4712-8BBE-2D5CF4F78890",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "8D6691FF-77F2-4AE3-B49F-BFB8744AD046",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "075B6E8D-4C4B-4E98-94C6-52B842BE65FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "27B99F6E-712C-4205-9185-26F543EFC881",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0AF0262B-1451-40CA-9DD1-F2DEA793BD61",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "C27E0224-9431-49EF-8B32-850CDF6FFFE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "88A88A21-7427-4452-8C2A-6C31542FA83C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.4:*:*:*:*:*:*:*",
"matchCriteriaId": "A3DCEAA0-509A-4978-BE53-0CBE084366FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "3203DC73-05F2-4A28-9E62-3D87B482586A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "9BDA1AAC-3FCF-47D8-A6B4-9DB0D776CE14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "64F4CDF1-695A-4677-A829-74BB365BF4FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "BBEF55DD-FC87-42A3-9DAF-9862AA9649CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "DC0FA974-7671-4FB7-BB36-274B5970EBAB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B6C2BA84-A520-489E-AF08-F3D35B0D580B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.4:*:*:*:*:*:*:*",
"matchCriteriaId": "011F841A-4F1B-49B2-B379-9FE126141568",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:4.4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "B3C54819-CF51-4BBE-873F-4A0E2072D10F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "802C46F0-0FE2-42BD-910A-08CC9639BC4E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:tectia_server:5.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2E96C8-F8F8-4002-B242-3ADDF1E84B7D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under \"Program Files\" or its subdirectories."
},
{
"lang": "es",
"value": "Vulnerabilidad de ruta no confiable en la b\u00fasqueda no literal de Windows en m\u00faltiples productos SSH de Tectia, incluyendo el Client/Server/Connector 5.0.0 y 5.0.1 y Client/Server anterior a 4.4.5, y Manager 2.12 y anteriores, cuando se ejecutan en Windows, podr\u00edan permitir a usuarios locales escalar privilegios mediante un archivo de programa malicioso en \"Archivos de Programa\" o sus subdirectorios."
}
],
"id": "CVE-2006-4315",
"lastModified": "2024-11-21T00:15:39.340",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-08-23T22:04:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016743"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/19679"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016743"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/19679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.ssh.com/company/news/2006/english/security/article/775/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28566"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}