OpenBSD News Articles
Recent news articles refferecing the vendors vulnerabilities.
Cyber Security NewsCVE-2023-38408OpenSSH Agent RCE Flaw Let Attackers Execute Arbitrary Commands
The flaw exists in OpenSSH's forward ssh-agent. This flaw allows an attacker to execute arbitrary commands on vulnerable OpenSSHโs forwarded ssh-agent.
2 weeks ago
10 Steps to Root Out the Terrapin Vulnerability
You don't have to stop using SSH keys to stay safe. This Tech Tip explains how to protect your system against CVE-2023-48795.
10 months ago
SpiceworksCVE-2023-48795SSH Vulnerable to Terrapin Attack - Spiceworks
Security researchers have discovered a new vulnerability in the Secure Shell (SSH) network protocol. Find out more.
1 year ago
Critical OpenSSH Flaw Could Allow Remote Code Execution - Cyber Kendra
Critical OpenSSH Flaw Could Allow Remote Code Execution
1 year ago
Cyber Security NewsOver 11M SSH Servers are Vulnerable to new Terrapin Attacks
It was reported that SSH servers were vulnerable to the new Terrapin Attack in which threat actors can downgrade an SSH protocol version.
1 year ago
BNN BreakingOpenSSH Vulnerabilities - An Urgent Call for Continuous Security Updates
Several security vulnerabilities identified in OpenSSH could potentially allow attackers to escalate their privileges and execute command injection. The Terrapin attack further exploits the protocol's weaknesses, emphasizing the need for continuous security monitoring and updates.
1 year ago
The Hacker NewsCVE-2023-48795New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
Researchers uncover a critical SSH protocol vulnerability, "Terrapin" (CVE-2023-48795), allowing attackers to compromise secure connections.
1 year ago
Security BoulevardCVE-2023-51385OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert
Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in Op...
1 year ago
Week in review: Terrapin SSH attack, Mr. Cooper breach - Help Net Security
Hereโs an overview of some of last weekโs most interesting news, articles, interviews and videos: Creating a formula for effective vulnerability
1 year ago
OpenSSH connections could be cracked by this all-new cyberattack
Terrapin is able to break SSH channel integrity, researchers claim
1 year ago
Help Net SecurityCVE-2023-48795SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) - Help Net Security
A vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol could allow an attacker to downgrade the connection's security.
1 year ago
Terrapin attacks can downgrade security of OpenSSH connections
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used.
1 year ago