CVE-2023-51385

Related Files

Apple Security Advisory 03-07-2024-2

Posted Mar 14, 2024

Authored by Apple | Site apple.com

Apple Security Advisory 03-07-2024-2 - macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.

tags | advisory, overflow, spoof, vulnerability, code execution

systems | apple

advisories | CVE-2022-42816, CVE-2022-48554, CVE-2023-42853, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0258, CVE-2024-23205, CVE-2024-23216, CVE-2024-23225, CVE-2024-23226, CVE-2024-23227, CVE-2024-23230, CVE-2024-23231

SHA-256 | 29c509ba93a9dc40af758aca80410a21c8239c2a3c115bac3d2acd0e1e6deea5

Download | Favorite | View

Ubuntu Security Notice USN-6560-2

Posted Jan 11, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6560-2 - USN-6560-1 fixed several vulnerabilities in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.

tags | advisory, remote, vulnerability, protocol

systems | linux, ubuntu

advisories | CVE-2023-48795, CVE-2023-51385

SHA-256 | 279f23efe6b36684994928a454f01081c5330f4103d3e9a111b6c5ff07c9a1f6

Download | Favorite | View

Ubuntu Security Notice USN-6565-1

Posted Jan 4, 2024

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6565-1 - It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS. It was discovered that OpenSSH incorrectly added destination constraints when PKCS#11 token keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.

tags | advisory

systems | linux, ubuntu

advisories | CVE-2021-41617, CVE-2023-51384, CVE-2023-51385

SHA-256 | ec9147c7e17c9b7474fb26fe7454f31349351cd2e830bb0c9e3403822a0b62a7

Download | Favorite | View

Gentoo Linux Security Advisory 202312-17

Posted Dec 28, 2023

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202312-17 - Multiple vulnerabilities have been discovered in OpenSSH, the worst of which could lead to code execution. Versions greater than or equal to 9.6_p1 are affected.

tags | advisory, vulnerability, code execution

systems | linux, gentoo

advisories | CVE-2023-48795, CVE-2023-51385

SHA-256 | ba995f8d24608fff3aaab0d0ad90892e7d28d73639eaace76ba4733a544b788c

Download | Favorite | View

Debian Security Advisory 5586-1

Posted Dec 22, 2023

Authored by Debian | Site debian.org

Debian Linux Security Advisory 5586-1 - Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite.

tags | advisory, vulnerability, protocol

systems | linux, debian

advisories | CVE-2021-41617, CVE-2023-28531, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385

SHA-256 | eb54a28b3d95ad19c4329f6295f24f93dcd4b5a934d6c9ce761901a356063b87

Download | Favorite | View