SSH vulnerabilities

2025-11-03

SSH implementations suffer from security vulnerabilities just like any other software would. Many implementations have long and storied histories of vulnerabilities.

OpenSSH is generally well regarded as “secure”. OpenSSH is one of the most heavily scrutinized and security-audited software projects in existence, owing to its ubiquity, age, and the OpenBSD community’s focus on defensive design. That said, it is not perfect and poses a risk to expose publicly or on any network. That said, it is safe to assume that sysadmins misconfiguring the service or users having their credentials stolen is more likely to occur than an attacker exploiting OpenSSH itself.

Name/Description	CVE	Link
libssh authentication bypass	CVE-2018-10933
regreSSHion	CVE-2024-6387
OpenSSH “roaming” info-leak / client bug	CVE-2016-0777 / CVE-2016-0778
Debian OpenSSL predictable RNG (Debian OpenSSL bug)	CVE-2008-0166
SCP client directory-traversal	CVE-2019-6111
Format string vulnerability in Dropbear SSH	CVE-2016-7406

SSH vulnerabilities

2025-11-03

No notes link to this note

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit