Vulnerabilities > SSH > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-01-09 | CVE-2007-5616 | Permissions, Privileges, and Access Controls vulnerability in multiple products ssh-signer in SSH Tectia Client and Server 5.x before 5.2.4, and 5.3.x before 5.3.6, on Unix and Linux allows local users to gain privileges via unspecified vectors. | 7.2 |
| 2006-08-23 | CVE-2006-4316 | Local Privilege Escalation vulnerability in SSH Tectia Manager Agent Process SSH Tectia Management Agent 2.1.2 allows local users to gain root privileges by running a program called sshd, which is obtained from a process listing when the "Restart" action is selected from the Management server GUI, which causes the agent to locate the pathname of the user's program and restart it with root privileges. | 7.2 |
| 2006-08-23 | CVE-2006-4315 | Privilege Escalation vulnerability in SSH Tectia Windows Path Specification Unquoted Windows search path vulnerability in multiple SSH Tectia products, including Client/Server/Connector 5.0.0 and 5.0.1 and Client/Server before 4.4.5, and Manager 2.12 and earlier, when running on Windows, might allow local users to gain privileges via a malicious program file under "Program Files" or its subdirectories. | 7.2 |
| 2005-12-17 | CVE-2005-4310 | Authentication Authorization Bypass vulnerability in SSH Tectia Server 5.0.0A/5.0.0F/5.0.0T SSH Tectia Server 5.0.0 (A, F, and T), when allowing host-based authentication only, allows users to log in with the wrong credentials. | 7.5 |
| 2002-12-31 | CVE-2002-1715 | Unspecified vulnerability in SSH and Ssh2 SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access. | 7.2 |
| 2002-12-31 | CVE-2002-1646 | Unspecified vulnerability in SSH Secure Shell FOR Servers SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. | 7.5 |
| 2002-11-25 | CVE-2002-1644 | Privilege Escalation vulnerability in SSH Communications SSH Server SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges. | 7.2 |
| 2001-08-22 | CVE-2001-0572 | The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands. | 7.5 |
| 2001-08-14 | CVE-2001-0553 | Unspecified vulnerability in SSH Secure Shell 3.0.0 SSH Secure Shell 3.0.0 on Unix systems does not properly perform password authentication to the sshd2 daemon, which allows local users to gain access to accounts with short password fields, such as locked accounts that use "NP" in the password field. | 7.2 |
| 2001-06-27 | CVE-2001-0471 | Unspecified vulnerability in SSH SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack. | 7.5 |