OpenBSD OpenSSH 5.7
Approved changes feed: RSS · Atom
cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
part: a version: 5.7 update: *
| Vendor | Openbsd (932cdfc2-94b9-5fb6-8ef3-d0b271f414b5) |
|---|---|
| Product | Openssh (00fc4953-faf7-5f04-8d3d-4edd44206199) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:github/openssh/openssh-portable |
purl2cpe | 2026-06-01 10:17:38.304320 |
pkg:mindrot/openss |
purl2cpe | 2026-06-01 10:17:38.304321 |
pkg:openbsd/openssh |
purl2cpe | 2026-06-01 10:17:38.304323 |
pkg:rpm/fedora/openssh |
purl2cpe | 2026-06-01 10:17:38.304324 |
pkg:rpm/opensuse/openssh |
purl2cpe | 2026-06-01 10:17:38.304325 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2016-0778 |
vulnerable | 2026-06-08 05:07:16.232234 |
Details available
The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
Published: 2016-01-14T00:00:00.000Z
Updated: 2026-05-29T20:28:32.960Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2016-0777 |
vulnerable | 2026-06-08 05:07:16.213949 |
Details available
The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.
Published: 2016-01-14T00:00:00.000Z
Updated: 2026-05-29T20:30:01.702Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-5000 |
vulnerable | 2026-06-08 04:59:34.139706 |
Details available
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
Published: 2012-04-04T10:00:00.000Z
Updated: 2024-08-07T00:23:39.092Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-4327 |
vulnerable | 2026-06-08 04:59:30.689565 |
Details available
ssh-keysign.c in ssh-keysign in OpenSSH before 5.8p2 on certain platforms executes ssh-rand-helper with unintended open file descriptors, which allows local users to obtain sensitive key information via the ptrace system call.
Published: 2014-02-03T02:00:00.000Z
Updated: 2026-05-29T20:31:20.769Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2011-0539 |
vulnerable | 2026-06-08 04:56:37.746565 |
Details available
The key_certify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct hash collision attacks.
Published: 2011-02-10T17:00:00.000Z
Updated: 2026-05-29T20:34:45.288Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-5107 |
vulnerable | 2026-06-08 04:56:32.268423 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2010-4755 |
vulnerable | 2026-06-08 04:56:30.614099 | db.gcve.eu details were skipped to keep the page responsive. | Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.