Tag

Openssh

5 briefs RSS

OpenSSH Authentication Bypass Vulnerability

A vulnerability in OpenSSH could allow for authentication bypass, potentially granting an attacker root access to vulnerable servers running the protocol.

OpenSSH authentication-bypass privilege-escalation network

2r 1t Apr 28, 2026

medium advisory

OpenSSH GSSAPI Vulnerability Leads to Potential Denial-of-Service

2 rules 1 TTP

A remote, anonymous attacker can exploit a vulnerability in OpenSSH GSSAPI and Ubuntu Linux to trigger undefined behavior or a potential denial-of-service attack.

openssh gssapi denial-of-service linux

2r 1t Apr 7, 2026

medium advisory

OpenSSH scp Insecure File Permission Vulnerability (CVE-2026-35385)

2 rules 1 TTP 1 CVE

OpenSSH versions before 10.3 allow for the potential installation of setuid or setgid files when using scp to download files as root with the -O option (legacy SCP protocol) and without the -p option (preserve mode), contrary to user expectations.

openssh scp privilege-escalation cve-2026-35385

2r 1t 1c Apr 2, 2026

high advisory

OpenSSH Vulnerabilities Allow Local Code Execution

2 rules 1 TTP

A local attacker can exploit multiple vulnerabilities in OpenSSH to execute arbitrary code, potentially leading to privilege escalation and system compromise.

openssh code-execution privilege-escalation

2r 1t Mar 24, 2026

high advisory

Proxy Execution via Windows OpenSSH Client

2 rules

Detection of command execution via proxy using the Windows OpenSSH client (ssh.exe or sftp.exe) to bypass application control using trusted Windows binaries.

M365 Defender +2 defense-evasion proxy-execution openssh application-control-bypass

2r Jan 3, 2024