OpenBSD News Articles

Recent news articles refferecing the vendors vulnerabilities.

favicon imageCyber Security News

OpenSSH Agent RCE Flaw Let Attackers Execute Arbitrary Commands

The flaw exists in OpenSSH's forward ssh-agent. This flaw allows an attacker to execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent.

10 Steps to Root Out the Terrapin Vulnerability

You don't have to stop using SSH keys to stay safe. This Tech Tip explains how to protect your system against CVE-2023-48795.

favicon imageSpiceworks

SSH Vulnerable to Terrapin Attack - Spiceworks

Security researchers have discovered a new vulnerability in the Secure Shell (SSH) network protocol. Find out more.

favicon imageCyber Kendra

Critical OpenSSH Flaw Could Allow Remote Code Execution - Cyber Kendra

Critical OpenSSH Flaw Could Allow Remote Code Execution

favicon imageCyber Security News

Over 11M SSH Servers are Vulnerable to new Terrapin Attacks

It was reported that SSH servers were vulnerable to the new Terrapin Attack in which threat actors can downgrade an SSH protocol version.

favicon imageBNN Breaking

OpenSSH Vulnerabilities - An Urgent Call for Continuous Security Updates

Several security vulnerabilities identified in OpenSSH could potentially allow attackers to escalate their privileges and execute command injection. The Terrapin attack further exploits the protocol's weaknesses, emphasizing the need for continuous security monitoring and updates.

favicon imageThe Hacker News

New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security

Researchers uncover a critical SSH protocol vulnerability, "Terrapin" (CVE-2023-48795), allowing attackers to compromise secure connections.

favicon imageSecurity Boulevard

OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert

Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in Op...

favicon imageHelp Net Security

Week in review: Terrapin SSH attack, Mr. Cooper breach - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Creating a formula for effective vulnerability

favicon imageTechRadar

OpenSSH connections could be cracked by this all-new cyberattack

Terrapin is able to break SSH channel integrity, researchers claim

favicon imageHelp Net Security

SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795) - Help Net Security

A vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol could allow an attacker to downgrade the connection's security.

favicon imageBleeping Computer

Terrapin attacks can downgrade security of OpenSSH connections

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used.