Software Detail

Software Informaton Top

Encryption

Software Detail

Openssh

Number Of NVD

113

CRITICAL

HIGH

MEDIUM

LOW

URL	https://www.openssh.com/
Explanation	It is an SSH implementation developed by the OpenBSD project and used on many Unix and Linux systems. It can also be used on Windows, as the OpenSSH client can be easily installed.
Tag	BSD License オープンソース

Add Information URL

No	Type	Name	URL
1			https://anongit.mindrot.org/openssh

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Critical	High	Medium	Low
31	OpenSSH 9	9.9p2	Feb. 18, 2025	April 8, 2022	2	2	5	0
32	OpenSSH 8	8.9	Feb. 23, 2022	April 17, 2019	2	7	6	1
33	OpenSSH 7	OpenSSH 7.9	Oct. 19, 2018	Aug. 11, 2015	2	12	17	1
34	OpenSSH 6	OpenSSH 6.9	July 1, 2015	April 22, 2012	2	14	23	2
35	OpenSSH 5	OpenSSH 5.9	Sept. 6, 2011	April 3, 2008	2	12	22	6
36	OpenSSH 4	OpenSSH 4.9	March 31, 2008	March 9, 2005	2	18	30	9
37	OpenSSH 3	OpenSSH 3.9	Aug. 18, 2004	Nov. 6, 2001	4	28	30	7
38	OpenSSH 8.4	8.4			1	3	5	1
39	OpenSSH 8.3	8.3			1	4	5	1
40	OpenSSH 8.2	8.2			1	5	5	1
41	OpenSSH 8.1	8.1			1	3	5	1
42	OpenSSH 8.0	8.0			1	4	5	1
43	OpenSSH 7.9	7.9			1	4	9	1
44	OpenSSH 7.8	7.8			1	4	10	1
45	OpenSSH 7.7	7.7			1	4	11	1
46	OpenSSH 7.6	7.6			1	3	11	1
47	OpenSSH 7.5	7.5			1	3	12	1
48	OpenSSH 7.4	7.4			1	3	12	1
49	OpenSSH 7.3	7.3			1	8	13	1
50	OpenSSH 7.2	7.2p2	March 10, 2016		1	10	15	1
51	OpenSSH 7.1	7.1p2	Jan. 14, 2016		2	11	17	1
52	OpenSSH 7.0	7.0			2	11	17	1
53	OpenSSH 6.9	6.9			2	13	18	2
54	OpenSSH 6.8	6.8			2	13	19	2
55	OpenSSH 6.7	6.7			2	11	17	2
56	OpenSSH 6.6	6.6			2	11	18	2
57	OpenSSH 6.5	6.5			2	11	19	2
58	OpenSSH 6.4	6.4			2	12	19	2
59	OpenSSH 6.3	6.3			2	12	20	2
60	OpenSSH 6.2	6.2p2	May 16, 2013		2	12	20	2
61	OpenSSH 6.1	6.1			2	11	20	2
62	OpenSSH 6.0	6.0			2	11	20	2
63	OpenSSH 5.9	5.9			2	11	20	2
64	OpenSSH 5.8p2	5.8p2			2	10	19	2
65	OpenSSH 5.8	5.8p2	May 3, 2011		2	11	20	4
66	OpenSSH 5.7	5.7			2	11	21	4
67	OpenSSH 5.6	5.6			2	12	20	5
68	OpenSSH 5.5	5.5			2	12	19	5
69	OpenSSH 5.4	5.4			2	12	19	5
70	OpenSSH 5.3	5.3			2	11	19	5
71	OpenSSH 5.2	5.2			2	11	19	5
72	OpenSSH 5.1	5.1			2	11	19	5
73	OpenSSH 5.0	5.0			2	11	19	6
74	OpenSSH 4.9	4.9			2	11	19	6
75	OpenSSH 4.8	4.8			2	11	21	6
76	OpenSSH 4.7p1	4.7p1			2	11	18	7
77	OpenSSH 4.7	4.7			2	11	20	7
78	OpenSSH 4.6	4.6			2	12	21	6
79	OpenSSH 4.5	4.5			2	14	22	7
80	OpenSSH 4.4p1	4.4p1			2	12	21	6
81	OpenSSH 4.4	4.4			2	15	21	6
82	OpenSSH 4.3p2	4.3p2			2	12	22	6
83	OpenSSH 4.3p1	4.3p1			2	13	21	6
84	OpenSSH 4.3	4.3p2	Feb. 11, 2006		2	16	24	6
85	OpenSSH 4.2p1	4.2p1			2	13	22	6
86	OpenSSH 4.2	4.2			2	16	22	6
87	OpenSSH 4.1p1	4.1p1			2	13	23	6
88	OpenSSH 4.1	4.1			2	16	23	7
89	OpenSSH 4.0p1	4.0p1			2	13	23	6
90	OpenSSH 4.0	4.0			2	16	25	6
91	OpenSSH 3.9	3.9.1p1			2	16	24	7
92	OpenSSH 3.8	3.8.1p1			2	16	25	7
93	OpenSSH 3.7	3.7.1p2			2	21	25	7
94	OpenSSH 3.6	3.6.1p2			2	21	26	7
95	OpenSSH 3.5p1	3.5p1			2	17	24	7
96	OpenSSH 3.5	3.5			2	20	26	7
97	OpenSSH 3.4p1	3.4p1			2	17	24	7
98	OpenSSH 3.4	3.4			2	20	26	7
99	OpenSSH 3.3p1	3.3p1			2	18	24	7
100	OpenSSH 3.3	3.3			3	21	26	7
101	OpenSSH 3.2	3.2.3p1			3	23	26	7
102	OpenSSH 3.1p1	3.1p1			2	18	24	7
103	OpenSSH 3.1	3.1			3	22	26	7
104	OpenSSH 3.0p1	3.0p1			2	19	24	7
105	OpenSSH 3.0	3.0.2p1			4	24	27	7
106	OpenSSH 2.9p2	2.9p2			4	23	23	6
107	OpenSSH 2.9p1	2.9p1			4	23	23	6
108	OpenSSH 2.9	2.9p2	June 17, 2001		3	27	24	6
109	OpenSSH 2.5	2.5.2p2	March 22, 2001		3	27	24	6
110	OpenSSH 2.3	2.3.0p1	Nov. 6, 2000		3	27	25	6
111	OpenSSH 2.2	2.2.0p1	Sept. 1, 2000		3	29	24	6
112	OpenSSH 2.1	2.1.1p4	July 16, 2000		3	29	25	6
113	OpenSSH 2	OpenSSH 2.9.9	Sept. 25, 2001		4	30	26	6
114	OpenSSH 1.5	1.5.8			2	23	22	6
115	OpenSSH 1.3	1.3			2	23	22	6
116	OpenSSH 1.2	1.2.3p1	March 24, 2000		2	27	28	7
117	OpenSSH 1	OpenSSH 1.2.3p1	March 24, 2000		2	27	28	7
118	OpenSSH -	-			2	22	24	6

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	or less	Update date Published date	Show Affected	Exploit PoC Search
31	7.3 7.5	HIGH Network	Untrusted search path vulnerability in ssh-agent.c in ssh-agent in OpenSSH before 7.4 allows remote attackers to execute arbitrary local PKCS#11 modules by leveraging control over a forwarded agent-s…	CWE-426 Untrusted Search Path	CVE-2016-10009	cpe:2.3:a:openbsd:openssh::	7.3	2024-11-21 11:43 2017-01-5	Show	GitHub Exploit DB Packet Storm

32	7.5 7.8	HIGH Network	The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE:…	CWE-399 Resource Management Errors	CVE-2016-8858	cpe:2.3:a:openbsd:openssh:7.3:* cpe:2.3:a:openbsd:openssh:7.2:* cpe:2.3:a:openbsd:openssh:7.1:* cpe:2.3:a:open…		2024-11-21 12:00 2016-12-9	Show	GitHub Exploit DB Packet Storm

33	7.5 7.8	HIGH Network	The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (cryp…	CWE-20 Improper Input Validation	CVE-2016-6515	cpe:2.3:a:openbsd:openssh:*:p2	7.2	2024-11-21 11:56 2016-08-8	Show	GitHub Exploit DB Packet Storm

34	7.8 7.2	HIGH Local	The do_setup_env function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows loc…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-8325	cpe:2.3:a:openbsd:openssh:*:p2	7.2	2024-11-21 11:38 2016-05-1	Show	GitHub Exploit DB Packet Storm

35	6.4 5.5	MEDIUM Network	Multiple CRLF injection vulnerabilities in session.c in sshd in OpenSSH before 7.2p2 allow remote authenticated users to bypass intended shell-command restrictions via crafted X11 forwarding data, re…	NVD-CWE-Other	CVE-2016-3115	cpe:2.3:a:openbsd:openssh:*:p1	7.2	2024-11-21 11:49 2016-03-22	Show	GitHub Exploit DB Packet Storm

36	5.3 5.0	MEDIUM Network	The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-1907	cpe:2.3:a:openbsd:openssh:7.1:p1 cpe:2.3:a:openbsd:openssh:7.1:* cpe:2.3:a:openbsd:openssh:7.0:p1 cpe:2.3:a:op…		2024-11-21 11:47 2016-01-19	Show	GitHub Exploit DB Packet Storm

37	8.1 4.6	HIGH Network	The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly m…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2016-0778	cpe:2.3:a:openbsd:openssh:7.1:p1 cpe:2.3:a:openbsd:openssh:7.1:* cpe:2.3:a:openbsd:openssh:7.0:p1 cpe:2.3:a:op…		2024-11-21 11:42 2016-01-15	Show	GitHub Exploit DB Packet Storm

38	6.5 4.0	MEDIUM Network	The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmiss…	CWE-200 Information Exposure	CVE-2016-0777	cpe:2.3:a:openbsd:openssh:7.1:p1 cpe:2.3:a:openbsd:openssh:7.1:* cpe:2.3:a:openbsd:openssh:7.0:p1 cpe:2.3:a:op…		2024-11-21 11:42 2016-01-15	Show	GitHub Exploit DB Packet Storm

39	- 7.2	HIGH	sshd in OpenSSH 6.8 and 6.9 uses world-writable permissions for TTY devices, which allows local users to cause a denial of service (terminal disruption) or possibly have unspecified other impact by w…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-6565	cpe:2.3:a:openbsd:openssh:6.9:* cpe:2.3:a:openbsd:openssh:6.8:*		2024-11-21 11:35 2015-08-24	Show	GitHub Exploit DB Packet Storm

40	- 6.9	MEDIUM	Use-after-free vulnerability in the mm_answer_pam_free_ctx function in monitor.c in sshd in OpenSSH before 7.0 on non-OpenBSD platforms might allow local users to gain privileges by leveraging contro…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2015-6564	cpe:2.3:a:openbsd:openssh::	6.9	2024-11-21 11:35 2015-08-24	Show	GitHub Exploit DB Packet Storm