Showing 1 - 3 of 3

CVE-2023-51384

Status Candidate

Overview

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these constraints are only applied to the first key, even if a PKCS#11 token returns multiple keys.

Related Files

Apple Security Advisory 03-07-2024-2: Posted Mar 14, 2024; Authored by Apple | Site apple.com; Apple Security Advisory 03-07-2024-2 - macOS Sonoma 14.4 addresses buffer overflow, bypass, code execution, out of bounds read, out of bounds write, and spoofing vulnerabilities.; tags | advisory, overflow, spoof, vulnerability, code execution; systems | apple; advisories | CVE-2022-42816, CVE-2022-48554, CVE-2023-42853, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385, CVE-2024-0258, CVE-2024-23205, CVE-2024-23216, CVE-2024-23225, CVE-2024-23226, CVE-2024-23227, CVE-2024-23230, CVE-2024-23231; SHA-256 | 29c509ba93a9dc40af758aca80410a21c8239c2a3c115bac3d2acd0e1e6deea5; Download | Favorite | View

Ubuntu Security Notice USN-6565-1: Posted Jan 4, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6565-1 - It was discovered that OpenSSH incorrectly handled supplemental groups when running helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand as a different user. An attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 20.04 LTS. It was discovered that OpenSSH incorrectly added destination constraints when PKCS#11 token keys were added to ssh-agent, contrary to expectations. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.; tags | advisory; systems | linux, ubuntu; advisories | CVE-2021-41617, CVE-2023-51384, CVE-2023-51385; SHA-256 | ec9147c7e17c9b7474fb26fe7454f31349351cd2e830bb0c9e3403822a0b62a7; Download | Favorite | View

Debian Security Advisory 5586-1: Posted Dec 22, 2023; Authored by Debian | Site debian.org; Debian Linux Security Advisory 5586-1 - Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite.; tags | advisory, vulnerability, protocol; systems | linux, debian; advisories | CVE-2021-41617, CVE-2023-28531, CVE-2023-48795, CVE-2023-51384, CVE-2023-51385; SHA-256 | eb54a28b3d95ad19c4329f6295f24f93dcd4b5a934d6c9ce761901a356063b87; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 294 files
Ubuntu 63 files
Debian 34 files
Gentoo 32 files
LiquidWorm 10 files
malvuln 7 files
nu11secur1ty 7 files
Ahmet Umit Bayram 4 files
Adam Gowdiak 4 files
gabe_k 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,038)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,499)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,583)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,746)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,492)
UNIX (9,397)
UnixWare (187)
Windows (6,657)
Other

CVE-2023-51384

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems