CVE-2014-1692
published 2014-01-29
Priority P3 (38), high, 7.3 CVSS 3.1
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS: 4.59% (90.5th percentile)
The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | — | — |
| openbsd | openssh | <= 6.4 | — |
| paloalto | pan-os | — | — |
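CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.3 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_debian | — | 7.5 | LOW | — |
| vendor_redhat | — | 7.5 | HIGH | — |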
Palo Alto
PAN-SA-2020-0004 Informational: Third-party or open source vulnerabilities that do not affect PAN-OS
vendor_paloalto·2020-05-13·CVSS 7.5
Palo Alto Networks Product Security Assurance team has evaluated and determined that these third-party or open source vulnerabilities do not have a security impact on PAN-OS, or the scenarios required for successful
CVEs: CVE-2014-1692, CVE-2014-2532, CVE-2014-2653, CVE-2015-5352, CVE-2015-8325, CVE-2016-10009, CVE-2016-10010, CVE-2016-10708, CVE-2016-1908, CVE-2016-3115, CVE-2016-6515, CVE-2018-15473, CVE-2018-15919
Affected products: PAN-OS
Debian
CVE-2014-1692: openssh - The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc ...
vendor_debian·2014·CVSS 7.5
The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Red Hat
openssh: uninitialized variable use in J-PAKE implementation
vendor_redhat·2013-01-29·CVSS 7.5
The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
Statement: Not vulnerable. This issue did not affect the versions of openssh as shipped with Red Hat Enterprise Linux 4, 5, or 6, as the code for J-PAKE support is not compiled into the Red Hat shipped binaries.
Package: openssh (Red Hat Enterprise Linux 5) - Not affected
Package: openssh (Red Hat Enterprise Linux 6) - Not affected
Package: openssh (Red Hat Enterprise Linux 7) - Not affected
GHSA
GHSA-pxrc-fqc7-h5rw: The hash_buffer function in schnorr
ghsa_unreviewed·2022-05-13
CVE-2014-1692 [HIGH] CWE-119 GHSA-pxrc-fqc7-h5rw: The hash_buffer function in schnorr
The hash_buffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service (memory corruption) or have unspecified other impact via vectors that trigger an error condition.
No detection rules found.
No public exploits indexed.
arXiv
Understanding Internet of Things Malware by Analyzing Endpoints in their Static Artifacts
arxiv_fulltext·2021-03-26
Afsah Anwar^1, Jinchun Choi^1,2, Abdulrahman Alabduljabbar^1, Hisham Alasmary^1,3, Jeffrey Spaulding^4, An Wang^5, Songqing Chen^6, DaeHun Nyang^7, Amro Awad^8, and David Mohaisen^1
^1 University of Central Florida, ^2 Texas A&M University, ^3 King Khalid University, ^4 Canisius College, ^5 Case Western Reserve University, ^6 GMU, ^7 Ewha Womans University, ^8 NCSU
## Abstract
The lack of security measures among the Internet of Things (IoT) devices and their persistent online connection gives adversaries a prime opportunity to target them or even abuse them as intermediary targets in larger attacks such as distributed denial-of-service (DDoS) campaigns. In this paper, we analyze IoT m
Trendmicro
Current and Future Attacks Threatening Esports
blogs_trendmicro·2019-10-29
Cyber Crime
# Current and Future Attacks Threatening Esports
Cybercriminals will increasingly target the esports industry over the next three years. Many underground forums already have sections dedicated to gaming or esports sales, and the goods and services offered in these forums generate a lot of interest.
By: Mayra Rosario Fuentes, Fernando Merces
2019/10/29
Esports has evolved from niche entertainment into a highly lucrative industry. Growing ad revenue and sponsorships allow the tournaments to grow; and as the tournaments grow, the prize pool grows as well. Of course, growing popularity and increased funds open up the entities involved to cybercriminals looking for any opportunity to make a profit.
Cheats and hacks are widely available in und
Bugzilla
CVE-2014-1692 openssh: uninitialized variable use in J-PAKE implementation
bugzilla·2014-01-29·CVSS 7.5
Mark Dowd reported uninitialized variable use in the shnorr_hash() function in OpenSSH. The J-PAKE implementation exposes this flaw. J-PAKE support is not enabled in the Red Hat Enterprise Linux and Fedora openssh packages.
Upstream fix:
http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c.diff?r1=1.9;r2=1.10
Discussion:
Possible CVE request: http://www.openwall.com/lists/oss-security/2014/01/29/2
---
J-PAKE support in OpenSSH is experimental work-in-progress. It's not enabled in Red Hat Enterprise Linux and Fedora openssh packages.
Statement:
Not vulnerable. This issue did not affect the versions of openssh as shipped with Red Hat Enterprise Linux 4, 5, or 6, as the code for J-PAKE support is n
References
- http://marc.info/?l=bugtraq&m=141576985122836&w=2
- http://marc.info/?l=bugtraq&m=144050155601375&w=2
- http://openwall.com/lists/oss-security/2014/01/29/10
- http://openwall.com/lists/oss-security/2014/01/29/2
- http://osvdb.org/102611
- http://secunia.com/advisories/60184
- http://www-01.ibm.com/support/docview.wss?uid=isg3T1020637
- http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/Attic/schnorr.c.diff?r1=1.9%3Br2=1.10%3Bf=h
- http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/schnorr.c#rev1.10
- http://www.securityfocus.com/bid/65230
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90819
Published: 2014-01-29