CVE-2023-48795

Published: Dec 18, 2023 Last Modified: Nov 04, 2025
MEDIUM 5.9
Attack Vector: network
Attack Complexity: high
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: none
Integrity: high
Availability: none

Description


The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

EPSS (Exploit Prediction Scoring System)

Predicts the probability of exploitation based on threat intelligence and vulnerability characteristics.

EPSS Score
0.5777
Percentile
1.0th

CWE-354: Improper Validation of Integrity Check Value

Draft
Common Consequences
Security Scopes Affected:
Integrity, Other, Non-Repudiation
Potential Impacts:
Modify Application Data, Other, Hide Activities
Applicable Platforms
All platforms may be affected
Application

Tinyssh by Tinyssh

Version Range Affected
To 20230101 (inclusive)
cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Application

Dropbear Ssh by Dropbear Ssh Project

Version Range Affected
To 2022.83 (exclusive)
cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*
Operating System

Debian Linux by Debian

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Application

Sshlib by Connectbot

Version Range Affected
To 2.2.22 (exclusive)
cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*
Application

Openshift Data Foundation by Redhat

cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*
Application

Sftpgo by Sftpgo Project

Version Range Affected
To 2.5.6 (exclusive)
cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*
Application

Ssh Server by Bitvise

Version Range Affected
To 9.32 (exclusive)
cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*
Application

Sshj by Apache

Version Range Affected
To 0.37.0 (inclusive)
cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*
Application

Erlang/Otp by Erlang

Version Range Affected
From 26.0 (inclusive)
To 26.2.1 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Pfsense Plus by Netgate

Version Range Affected
To 23.09.1 (inclusive)
cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*
Application

Transmit 5 by Panic

Version Range Affected
To 5.10.4 (exclusive)
cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*
Application

Maverick Synergy Java Ssh Api by Jadaptive

Version Range Affected
To 3.1.0-snapshot (exclusive)
cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*
Application

Storage by Redhat

cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*
Operating System

Lcos by Lancom-Systems

Version Range Affected
To 3.66.4 (inclusive)
cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*
Application

Net-Ssh by Net-Ssh

cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*
Operating System

Lcos Sx by Lancom-Systems

cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*
Operating System

Lcos Lx by Lancom-Systems

cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*
Application

Filezilla Client by Filezilla-Project

Version Range Affected
To 3.66.4 (exclusive)
cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*
Application

Openshift Pipelines by Redhat

cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*
Application

Openstack Platform by Redhat

cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*
Application

Openssh by Openbsd

Version Range Affected
To 9.6 (exclusive)
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
Application

Pkixssh by Roumenpetrov

Version Range Affected
To 14.4 (exclusive)
cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*
Application

Erlang/Otp by Erlang

Version Range Affected
From 23.0 (inclusive)
To 23.3.4.20 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Jsch by Matez

Version Range Affected
To 0.2.15 (exclusive)
cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*
Application

Ssh Client by Bitvise

Version Range Affected
To 9.33 (exclusive)
cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*
Application

Ssh2 by Ssh2 Project

Version Range Affected
To 1.11.0 (inclusive)
cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*
Application

Cert-Manager Operator For Red Hat Openshift by Redhat

cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*
Application

Keycloak by Redhat

cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*
Application

Securecrt by Vandyke

Version Range Affected
To 9.4.3 (exclusive)
cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*
Application

Ssh by Ssh

Version Range Affected
From 4.10 (inclusive)
To 4.11.1.7 (exclusive)
cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
Operating System

Macos by Apple

Version Range Affected
From 14.0 (inclusive)
To 14.4 (exclusive)
cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*
Application

Security by Gentoo

cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*
Application

Tera Term by Tera Term Project

Version Range Affected
To 5.1 (inclusive)
cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*
Application

Openshift Serverless by Redhat

cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*
Application

Openshift Api For Data Protection by Redhat

cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*
Application

Libssh2 by Libssh2

Version Range Affected
To 1.11.1 (exclusive)
cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*
Application

Ssh2 by Trilead

cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*
Operating System

Enterprise Linux by Redhat

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Application

Paramiko by Paramiko

Version Range Affected
To 3.4.0 (exclusive)
cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*
Application

Crushftp by Crushftp

Version Range Affected
To 10.6.0 (inclusive)
cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
Operating System

Sftp Gateway Firmware by Thorntech

Version Range Affected
To 3.4.6 (exclusive)
cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*
Application

Jboss Enterprise Application Platform by Redhat

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*
Application

Erlang/Otp by Erlang

Version Range Affected
From 24.0 (inclusive)
To 24.3.4.15 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Pfsense Ce by Netgate

Version Range Affected
To 2.7.2 (inclusive)
cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*
Application

Winscp by Winscp

Version Range Affected
To 6.2.2 (exclusive)
cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*
Application

Openshift Container Platform by Redhat

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
Application

Proftpd by Proftpd

Version Range Affected
To 1.3.8b (inclusive)
cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*
Application

Openshift Developer Tools And Services by Redhat

cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*
Application

Kitty by 9Bis

Version Range Affected
To 0.76.1.13 (inclusive)
cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*
Application

Openshift Dev Spaces by Redhat

cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*
Application

Openshift Virtualization by Redhat

cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*
Application

Single Sign-On by Redhat

cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*
Application

Ssh by Ssh

Version Range Affected
To 4.9.1.5 (exclusive)
cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
Application

Putty by Putty

Version Range Affected
To 0.80 (exclusive)
cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*
Application

Libssh by Libssh

Version Range Affected
To 0.10.6 (exclusive)
cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*
Application

Russh by Russh Project

Version Range Affected
To 0.40.2 (exclusive)
cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*
Application

Erlang/Otp by Erlang

Version Range Affected
To 22.3.4.27 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Xshell 7 by Netsarang

Version Range Affected
To build__0144 (exclusive)
cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*
Application

Discovery by Redhat

cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*
Operating System

Fedora by Fedoraproject

cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Operating System

Freebsd by Freebsd

Version Range Affected
To 12.4 (inclusive)
cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*
Application

Openshift Gitops by Redhat

cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*
Application

Crushftp by Crushftp

Version Range Affected
To 10.6.0 (exclusive)
cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
Operating System

Fedora by Fedoraproject

cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*
Application

Thrussh by Crates

Version Range Affected
To 0.35.1 (exclusive)
cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*
Application

Ssh by Ssh

Version Range Affected
From 5.0 (inclusive)
To 5.1.1 (exclusive)
cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
Application

Openstack Platform by Redhat

cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*
Application

Sshd by Apache

Version Range Affected
To 2.11.0 (inclusive)
cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*
Application

Openstack Platform by Redhat

cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*
Application

Ssh by Ssh

Version Range Affected
From 4.12 (inclusive)
To 4.13.2.4 (exclusive)
cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
Application

Erlang/Otp by Erlang

Version Range Affected
From 25.0 (inclusive)
To 25.3.2.8 (exclusive)
cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
Application

Advanced Cluster Security by Redhat

cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*
Operating System

Lcos Fx by Lancom-Systems

cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*
Application

Nova by Panic

Version Range Affected
To 11.8 (exclusive)
cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*
Application

Advanced Cluster Security by Redhat

cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*
Operating System

Enterprise Linux by Redhat

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Application

Ssh by Ssh

Version Range Affected
From 4.14 (inclusive)
To 4.15.3.1 (exclusive)
cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
Application

Cyclone Ssh by Oryx-Embedded

Version Range Affected
To 2.3.4 (exclusive)
cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*
Application

Crypto by Golang

Version Range Affected
To 0.17.0 (exclusive)
cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*
Operating System

Lcos Sx by Lancom-Systems

cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*
Application

Ceph Storage by Redhat

cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*
Application

Asyncssh by Asyncssh Project

Version Range Affected
To 2.14.2 (exclusive)
cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*
Operating System

Lanconfig by Lancom-Systems

cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*
http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.h…
https://access.redhat.com/security/cve/cve-2023-48795
https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrit…
https://bugs.gentoo.org/920280
https://bugzilla.redhat.com/show_bug.cgi?id=2254210
https://bugzilla.suse.com/show_bug.cgi?id=1217950
https://crates.io/crates/thrussh/versions
http://seclists.org/fulldisclosure/2024/Mar/21
https://filezilla-project.org/versions.php
https://forum.netgate.com/topic/184941/terrapin-ssh-attack
https://github.com/advisories/GHSA-45x7-px36-x8w8
https://github.com/apache/mina-sshd/issues/445
https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c…
https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
https://github.com/cyd01/KiTTY/issues/520
https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib…
https://github.com/erlang/otp/releases/tag/OTP-26.2.1
https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
https://github.com/hierynomus/sshj/issues/916
https://github.com/janmojzis/tinyssh/issues/81
https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df815…
https://github.com/libssh2/libssh2/pull/1291
https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/C…
https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
https://github.com/mwiede/jsch/issues/457
https://github.com/mwiede/jsch/pull/461
https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd…
https://github.com/NixOS/nixpkgs/pull/275249
https://github.com/openssh/openssh-portable/commits/master
https://github.com/paramiko/paramiko/issues/2337
https://github.com/PowerShell/Win32-OpenSSH/issues/2189
https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d9…
https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e…
https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
https://github.com/proftpd/proftpd/issues/456
https://github.com/rapier1/hpn-ssh/releases
https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
https://github.com/ronf/asyncssh/tags
https://github.com/ssh-mitm/ssh-mitm/issues/165
https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada…
https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
https://github.com/warp-tech/russh/releases/tag/v0.40.2
https://gitlab.com/libssh/libssh-mirror/-/tags
https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f6…
https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
https://help.panic.com/releasenotes/transmit5/
https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-…
https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html
https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html
https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html
https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html
https://lists.debian.org/debian-lts-announce/2024/11/msg00032.html
https://lists.debian.org/debian-lts-announce/2025/04/msg00028.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedorapr…
https://matt.ucc.asn.au/dropbear/CHANGES
https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4L…
https://news.ycombinator.com/item?id=38684904
https://news.ycombinator.com/item?id=38685286
https://news.ycombinator.com/item?id=38732005
https://nova.app/releases/#v11.8
https://oryx-embedded.com/download/#changelog
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
https://roumenpetrov.info/secsh/#news20231220
https://security.gentoo.org/glsa/202312-16
https://security.gentoo.org/glsa/202312-17
https://security.netapp.com/advisory/ntap-20240105-0004/
https://security-tracker.debian.org/tracker/CVE-2023-48795
https://security-tracker.debian.org/tracker/source-package/libssh2
https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
https://support.apple.com/kb/HT214084
https://thorntech.com/cve-2023-48795-and-sftp-gateway/
https://twitter.com/TrueSkrillor/status/1736774389725565005
https://ubuntu.com/security/CVE-2023-48795
https://winscp.net/eng/docs/history#6.2.2
https://www.bitvise.com/ssh-client-version-history#933
https://www.bitvise.com/ssh-server-version-history
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
https://www.debian.org/security/2023/dsa-5586
https://www.debian.org/security/2023/dsa-5588
https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c2…
https://www.netsarang.com/en/xshell-update-history/
https://www.openssh.com/openbsd.html
https://www.openssh.com/txt/release-9.6
https://www.openwall.com/lists/oss-security/2023/12/18/2
https://www.openwall.com/lists/oss-security/2023/12/20/3
https://www.paramiko.org/changelog.html
https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve…
https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-c…
https://www.terrapin-attack.com
https://www.theregister.com/2023/12/20/terrapin_attack_ssh
https://www.vandyke.com/products/securecrt/history.txt
https://www.vicarius.io/vsociety/posts/cve-2023-48795-detect-openssh-vulnerabil…
https://www.vicarius.io/vsociety/posts/cve-2023-48795-mitigate-openssh-vulnerab…
http://www.openwall.com/lists/oss-security/2023/12/18/3
http://www.openwall.com/lists/oss-security/2023/12/19/5
http://www.openwall.com/lists/oss-security/2023/12/20/3
http://www.openwall.com/lists/oss-security/2024/03/06/3
http://www.openwall.com/lists/oss-security/2024/04/17/8