02-22-2023, 05:03 PM
CVE-2023-25136 - OpenSSH server
|
01-23-2024, 03:09 PM
(02-22-2023, 05:03 PM)KAPLA Wrote: OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be triggered by an unauthenticated attacker in the default configuration. One third-party report states "remote code execution is theoretically possible." |
« Next Oldest | Next Newest »
|
Users browsing this thread: |
8 Guest(s) |