Openssh Portable



OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. In addition, OpenSSH provides a large suite of secure tunneling capabilities, several authentication methods,.

Oct 19, 2015: Our objective was to not only port OpenSSH so that it worked well on Windows, but to openly contribute those changes back into the portable version of OpenSSH. Of the many options available, one clearly stood out: the previous work that NoMachine had already published in bringing OpenSSH to Windows. The NoMachine port was based on OpenSSH 5.9.

Current Description

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host.



Severity

CVSS 3.x Severity and Metrics:
NIST: NVD
Vector: NVD
Vector:

| Hyperlink | Resource |
| --- | --- |
| https://github.com/openssh/openssh-portable/commit/e04fd6dde16de1cdc5a4d9946397ff60d96568db | Patch, Third Party Advisory |
| https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TXST2CML2MWY3PNVUXX7FFJE3ATJMNVZ/ | Third Party Advisory |
| https://security.netapp.com/advisory/ntap-20210416-0002/ | Third Party Advisory |
| https://www.openssh.com/security.html | Not Applicable, Vendor Advisory |
| https://www.openssh.com/txt/release-8.5 | Release Notes, Vendor Advisory |
| https://www.openwall.com/lists/oss-security/2021/03/03/1 | Mailing List, Patch, Third Party Advisory |

Weakness Enumeration

| CWE-ID | CWE Name | Source |
| --- | --- | --- |
| CWE-415 | Double Free | NIST |


Change History

6 change records found