Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description SSH protocol implementation for remote login, command execution and file transfer
Version 9.7p1-2 [core]


Group Affected Fixed Severity Status Ticket
AVG-2832 9.1p1-3 9.2p1-1 Unknown Fixed
AVG-2422 8.7p1-2 8.8p1-1 Medium Fixed
AVG-2392 8.8p1-1 8.9p1-1 Low Fixed
AVG-1657 8.4p1-2 8.5p1-1 Medium Fixed
AVG-951 7.9p1-1 8.0p1-1 High Fixed
AVG-763 7.7p1-2 7.8p1-1 Medium Fixed
AVG-110 7.3p1-2 7.4p1-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2023-25136 AVG-2832 Unknown Yes Unknown
pre-authentication double-free in unpriviledged sandboxed client process when the connecting clients banner causes the SSH_OLD_DHGEX to be set on the server
CVE-2021-41617 AVG-2422 Medium Yes Privilege escalation
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are...
CVE-2021-28041 AVG-1657 Medium Yes Arbitrary code execution
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy...
CVE-2019-6111 AVG-951 Medium Yes Arbitrary file overwrite
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to...
CVE-2019-6109 AVG-951 Low Yes Content spoofing
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The- Middle attacker) can...
CVE-2018-20685 AVG-951 High Yes Insufficient validation
In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename.
CVE-2018-15473 AVG-763 Medium Yes Information disclosure
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet...
CVE-2016-20012 AVG-2392 Low Yes Information disclosure
OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test...
CVE-2016-10012 AVG-110 Low Yes Insufficient validation
It was found that the shared memory manager used by pre-authentication compression support had a bounds checks that could be elided by some optimizing...
CVE-2016-10011 AVG-110 Low No Information disclosure
It was found that there is a theoretical leak of host private key material to privilege-separated child processes via realloc() when reading keys. No such...
CVE-2016-10010 AVG-110 Medium No Privilege escalation
It was found that when privilege separation was disabled in OpenSSH, forwarded Unix-domain sockets would be created by sshd with root privileges instead of...
CVE-2016-10009 AVG-110 Medium No Arbitrary code execution
It was found that ssh-agent could load PKCS#11 modules from paths outside of a trusted whitelist. An attacker able to load a crafted PKCS#11 module across a...


Date Advisory Group Severity Type
13 Mar 2021 ASA-202103-6 AVG-1657 Medium arbitrary code execution
24 Apr 2019 ASA-201904-11 AVG-951 High multiple issues
22 Dec 2016 ASA-201612-20 AVG-110 Medium multiple issues