all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert

Add to bookmarks
Dec. 27, 2023, 6:58 a.m. | NSFOCUS

Security Boulevard securityboulevard.com

Overview Recently, NSFOCUS CERT detected that OpenSSH released a security update and fixed a command injection vulnerability caused by malicious shell characters (CVE-2023-51385), with a CVSS score of 9.8; Since there is no security filtering of username and hostname input represented by %h,%u in OpenSSH’s ProxyCommand command, command injection may occur if the username or […]


The post OpenSSH Command Injection Vulnerability (CVE-2023-51385) Alert appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers …

alert blog cert characters command command injection cve cvss cvss score emergency-response injection input malicious may nsfocus openssh proxycommand score security security update shell update username vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

3 Ways File Integrity Monitoring Identifies Zero-Day Attacks an hour ago | securityboulevard.com
attack attacks cyberattack cybercrime +23
SSH vs. SSL/TLS: What’s The Difference? 2 hours ago | securityboulevard.com
authentication benefits cases certificate authority +27
LockBit, RAGroup Drive Ransomware Attacks in March 3 hours ago | securityboulevard.com
analytics & intelligence attacks cyber cybercriminal +25
Multiple Apache HTTP Server Vulnerabilities Fixed in Ubuntu 6 hours ago | securityboulevard.com
apache apache http server vulnerabilities attackers code +28
Preparing for Holiday Cyberattacks 7 hours ago | securityboulevard.com
advice application protection best practices can +22
Debian 12: Redefining Stability and Innovation in Open-Source Operating Systems 7 hours ago | securityboulevard.com
debian debian 12 debian 12 els debian 12 eol +14
KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks 8 hours ago | securityboulevard.com
actor advanced persistent threat (apt) attacks backdoor +26
Ensuring RBI Compliance: Crucial Cybersecurity Measures to Protect Financial Standing 9 hours ago | securityboulevard.com
attacks bank banking banking sector +24
Symmetry Systems Announces World’s First Air-Gapped Deployment of a DSPM Solution 9 hours ago | securityboulevard.com
air air-gapped ai security assurance +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer

@ Commit | San Francisco
View on infosec-jobs.com

Trainee (m/w/d) Security Engineering CTO Taskforce Team

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Security Engineer

@ EY | Nicosia, CY, 1087
View on infosec-jobs.com

Information System Security Officer (ISSO) Level 3-COMM Job#455

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Application Security Engineer

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs