Vulnerability CVE-2023-48795: Information

Description

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.

Severity: MEDIUM (5.9) Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Published: Dec. 18, 2023
Modified: Jan. 29, 2024
Error type identifier: CWE-354

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
dropbearsisyphus2022.83-alt22022.83-alt2ALT-PU-2024-2108-2340391Fixed
dropbearsisyphus_loongarch642022.83-alt22022.83-alt2ALT-PU-2024-2144-1-Fixed
filezillasisyphus_mipsel3.66.4-alt13.66.4-alt1ALT-PU-2024-1515-1-Fixed
libsshsisyphus0.10.6-alt10.10.6-alt1ALT-PU-2024-1249-1338050Fixed
libsshsisyphus_e2k0.10.6-alt10.10.6-alt1ALT-PU-2024-1279-1-Fixed
libsshsisyphus_riscv640.10.6-alt10.10.6-alt1ALT-PU-2024-2714-1-Fixed
libsshsisyphus_loongarch640.10.6-alt10.10.6-alt1ALT-PU-2024-1440-1-Fixed
libsshp100.10.6-alt10.10.6-alt1ALT-PU-2024-1251-2338051Fixed
libsshp10_e2k0.10.6-alt10.10.6-alt1ALT-PU-2024-1381-1-Fixed
libsshc10f10.10.6-alt10.10.6-alt1ALT-PU-2024-1613-2339474Fixed
libsshc9f20.10.6-alt10.10.6-alt1ALT-PU-2024-1622-4339475Fixed
libssh2sisyphus1.11.0-alt21.11.0-alt2ALT-PU-2024-1561-1339356Fixed
libssh2sisyphus_e2k1.11.0-alt21.11.0-alt2ALT-PU-2024-1699-1-Fixed
libssh2sisyphus_riscv641.11.0-alt21.11.0-alt2ALT-PU-2024-3231-1-Fixed
libssh2sisyphus_loongarch641.11.0-alt21.11.0-alt2ALT-PU-2024-1601-1-Fixed
libssh2p101.11.0-alt21.11.0-alt2ALT-PU-2024-1563-2339351Fixed
libssh2p10_e2k1.11.0-alt21.11.0-alt2ALT-PU-2024-1964-1-Fixed
libssh2c10f11.11.0-alt21.11.0-alt2ALT-PU-2024-1973-2340065Fixed
openquantumsafe-opensshsisyphus8.9p1.202310-alt28.9p1.202310-alt2ALT-PU-2024-1046-5337714Fixed
opensshsisyphus9.5p1-alt29.6p1-alt1ALT-PU-2024-1247-2338314Fixed
opensshsisyphus_riscv649.5p1-alt29.6p1-alt1ALT-PU-2024-2876-1-Fixed
opensshsisyphus_loongarch649.5p1-alt29.6p1-alt1ALT-PU-2024-1471-1-Fixed
opensshp107.9p1-alt4.p10.47.9p1-alt4.p10.4ALT-PU-2024-1190-3338315Fixed
opensshp10_e2k7.9p1-alt4.p10.47.9p1-alt4.p10.4ALT-PU-2024-1468-1-Fixed
opensshc10f17.9p1-alt4.p10.47.9p1-alt4.p10.4ALT-PU-2024-1430-2338781Fixed
opensshc9f27.9p1-alt4.p10.47.9p1-alt4.p10.4ALT-PU-2024-1569-3339369Fixed
podmansisyphus4.8.3-alt14.9.3-alt1ALT-PU-2024-1096-1337978Fixed
podmansisyphus_riscv644.8.3-alt14.8.3-alt2ALT-PU-2024-1101-1-Fixed
podmansisyphus_loongarch644.8.3-alt14.8.3-alt2ALT-PU-2024-1104-1-Fixed
python3-module-paramikosisyphus3.4.0-alt13.4.0-alt1ALT-PU-2024-1940-2339791Fixed
python3-module-paramikosisyphus_e2k3.4.0-alt13.4.0-alt1ALT-PU-2024-2375-1-Fixed
python3-module-paramikosisyphus_loongarch643.4.0-alt13.4.0-alt1ALT-PU-2024-2089-1-Fixed
resticprofilesisyphus0.25.0-alt10.26.0-alt1.1ALT-PU-2024-2064-2340331Fixed
resticprofilesisyphus_loongarch640.25.0-alt10.26.0-alt1.1ALT-PU-2024-2140-1-Fixed
tinysshsisyphus20240101-alt120240101-alt1ALT-PU-2024-1001-2337569Fixed
tinysshsisyphus_e2k20240101-alt120240101-alt1ALT-PU-2024-1054-1-Fixed
tinysshsisyphus_loongarch6420240101-alt120240101-alt1ALT-PU-2024-1023-1-Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
  • Release Notes
https://matt.ucc.asn.au/dropbear/CHANGES
  • Release Notes
https://www.openssh.com/openbsd.html
  • Release Notes
https://github.com/openssh/openssh-portable/commits/master
  • Patch
https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ
  • Mailing List
https://www.bitvise.com/ssh-server-version-history
  • Release Notes
https://github.com/ronf/asyncssh/tags
  • Release Notes
https://gitlab.com/libssh/libssh-mirror/-/tags
  • Release Notes
https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/
  • Issue Tracking
https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42
  • Patch
https://www.openssh.com/txt/release-9.6
  • Release Notes
https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/
  • Press/Media Coverage
https://www.terrapin-attack.com
  • Exploit
https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25
  • Patch
https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst
  • Release Notes
https://thorntech.com/cve-2023-48795-and-sftp-gateway/
  • Third Party Advisory
https://github.com/warp-tech/russh/releases/tag/v0.40.2
  • Release Notes
https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0
  • Patch
https://www.openwall.com/lists/oss-security/2023/12/18/2
  • Mailing List
https://twitter.com/TrueSkrillor/status/1736774389725565005
  • Press/Media Coverage
https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d
  • Patch
https://github.com/paramiko/paramiko/issues/2337
  • Issue Tracking
https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg
  • Mailing List
https://news.ycombinator.com/item?id=38684904
  • Issue Tracking
https://news.ycombinator.com/item?id=38685286
  • Issue Tracking
[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
  • Mailing List
https://github.com/mwiede/jsch/issues/457
  • Issue Tracking
https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6
  • Patch
https://github.com/erlang/otp/releases/tag/OTP-26.2.1
  • Release Notes
https://github.com/advisories/GHSA-45x7-px36-x8w8
  • Third Party Advisory
https://security-tracker.debian.org/tracker/source-package/libssh2
  • Vendor Advisory
https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg
  • Vendor Advisory
https://security-tracker.debian.org/tracker/CVE-2023-48795
  • Vendor Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1217950
  • Issue Tracking
https://bugzilla.redhat.com/show_bug.cgi?id=2254210
  • Issue Tracking
https://bugs.gentoo.org/920280
  • Issue Tracking
https://ubuntu.com/security/CVE-2023-48795
  • Vendor Advisory
https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/
  • Press/Media Coverage
https://access.redhat.com/security/cve/cve-2023-48795
  • Third Party Advisory
https://github.com/mwiede/jsch/pull/461
  • Release Notes
https://github.com/drakkan/sftpgo/releases/tag/v2.5.6
  • Release Notes
https://github.com/libssh2/libssh2/pull/1291
  • Mitigation
https://forum.netgate.com/topic/184941/terrapin-ssh-attack
  • Issue Tracking
https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5
  • Patch
https://github.com/rapier1/hpn-ssh/releases
  • Release Notes
https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES
  • Release Notes
https://www.netsarang.com/en/xshell-update-history/
  • Release Notes
https://www.paramiko.org/changelog.html
  • Release Notes
https://github.com/proftpd/proftpd/issues/456
  • Issue Tracking
https://github.com/TeraTermProject/teraterm/releases/tag/v5.1
  • Release Notes
https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15
  • Product
https://oryx-embedded.com/download/#changelog
  • Release Notes
https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update
  • Release Notes
https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22
  • Third Party Advisory
https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab
  • Patch
https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3
  • Patch
https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC
  • Patch
https://crates.io/crates/thrussh/versions
  • Release Notes
https://github.com/NixOS/nixpkgs/pull/275249
  • Release Notes
[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
  • Mailing List
https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc
  • Release Notes
https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/
  • Press/Media Coverage
[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
  • Mailing List
  • Mitigation
https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES
  • Release Notes
https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES
  • Release Notes
https://github.com/apache/mina-sshd/issues/445
  • Issue Tracking
https://github.com/hierynomus/sshj/issues/916
  • Issue Tracking
https://github.com/janmojzis/tinyssh/issues/81
  • Issue Tracking
https://www.openwall.com/lists/oss-security/2023/12/20/3
  • Mailing List
  • Mitigation
https://security-tracker.debian.org/tracker/source-package/trilead-ssh2
  • Issue Tracking
https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16
  • Patch
http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html
  • Third Party Advisory
  • VDB Entry
FEDORA-2023-0733306be9
  • Vendor Advisory
DSA-5586
  • Issue Tracking
https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508
  • Vendor Advisory
https://www.theregister.com/2023/12/20/terrapin_attack_ssh
  • Press/Media Coverage
https://filezilla-project.org/versions.php
  • Release Notes
https://nova.app/releases/#v11.8
  • Release Notes
https://roumenpetrov.info/secsh/#news20231220
  • Release Notes
https://www.vandyke.com/products/securecrt/history.txt
  • Release Notes
https://help.panic.com/releasenotes/transmit5/
  • Release Notes
https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta
  • Release Notes
https://github.com/PowerShell/Win32-OpenSSH/issues/2189
  • Issue Tracking
https://winscp.net/eng/docs/history#6.2.2
  • Release Notes
https://www.bitvise.com/ssh-client-version-history#933
  • Release Notes
https://github.com/cyd01/KiTTY/issues/520
  • Issue Tracking
DSA-5588
  • Issue Tracking
https://github.com/ssh-mitm/ssh-mitm/issues/165
  • Issue Tracking
https://news.ycombinator.com/item?id=38732005
  • Issue Tracking
[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update
  • Mailing List
GLSA-202312-16
  • Third Party Advisory
GLSA-202312-17
  • Third Party Advisory
FEDORA-2023-20feb865d8
    FEDORA-2023-cb8c606fbb
      FEDORA-2023-e77300e4b5
        FEDORA-2023-b87ec6cf47
          FEDORA-2023-153404713b
            https://security.netapp.com/advisory/ntap-20240105-0004/
              FEDORA-2024-3bb23c77f3
                FEDORA-2023-55800423a8
                  FEDORA-2024-d946b9ad25
                    FEDORA-2024-71c2c6526c
                      FEDORA-2024-39a8c72ea9
                        https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002
                          FEDORA-2024-ae653fb07b
                            FEDORA-2024-2705241461
                              FEDORA-2024-fb32950d11
                                FEDORA-2024-7b08207cdb
                                  FEDORA-2024-06ebb70bdd
                                    [debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update
                                      [debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update
                                        FEDORA-2024-a53b24023d
                                          FEDORA-2024-3fd1bc9276
                                              1. Configuration 1

                                                cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                9.6

                                                Configuration 2

                                                cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*
                                                End excliding
                                                0.80

                                                Configuration 3

                                                cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*
                                                End excliding
                                                3.66.4

                                                Configuration 4

                                                cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*

                                                Configuration 5

                                                cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*

                                                Running on/with:
                                                cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

                                                Configuration 6

                                                cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*

                                                Running on/with:
                                                cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*

                                                Configuration 7

                                                cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                14.4

                                                Configuration 8

                                                cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*
                                                End excliding
                                                6.2.2

                                                Configuration 9

                                                cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*
                                                End excliding
                                                9.33

                                                Configuration 10

                                                cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*
                                                End excliding
                                                9.32

                                                Configuration 11

                                                cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*

                                                Configuration 12

                                                cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*

                                                Configuration 13

                                                cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*

                                                Configuration 14

                                                cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*

                                                cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*

                                                Configuration 15

                                                cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*

                                                Configuration 16

                                                cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*
                                                End excliding
                                                9.4.3

                                                Configuration 17

                                                cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                0.10.6

                                                Configuration 18

                                                cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*

                                                Configuration 19

                                                cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*

                                                Configuration 20

                                                cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*

                                                Configuration 21

                                                cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*

                                                Configuration 22

                                                cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*
                                                End excliding
                                                0.35.1

                                                Configuration 23

                                                cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*

                                                Configuration 24

                                                cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                2.3.4

                                                Configuration 25

                                                cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*

                                                Configuration 26

                                                cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*
                                                End excliding
                                                build__0144

                                                Configuration 27

                                                cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*
                                                End excliding
                                                3.4.0

                                                Configuration 28

                                                cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

                                                Configuration 29

                                                cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*

                                                cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*

                                                cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*

                                                Configuration 30

                                                cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*

                                                Configuration 31

                                                cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

                                                cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

                                                Configuration 32

                                                cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*

                                                Configuration 33

                                                cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*

                                                Configuration 34

                                                cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*

                                                Configuration 35

                                                cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*

                                                Configuration 36

                                                cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*

                                                Configuration 37

                                                cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*

                                                Configuration 38

                                                cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*

                                                Configuration 39

                                                cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*

                                                Configuration 40

                                                cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*

                                                Configuration 41

                                                cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*

                                                Configuration 42

                                                cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*

                                                Configuration 43

                                                cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*

                                                Configuration 44

                                                cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*

                                                Configuration 45

                                                cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*

                                                Configuration 46

                                                cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*

                                                cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*

                                                Configuration 47

                                                cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*
                                                End excliding
                                                0.17.0

                                                Configuration 48

                                                cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*
                                                End excliding
                                                0.40.2

                                                Configuration 49

                                                cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*
                                                End excliding
                                                2.5.6

                                                Configuration 50

                                                cpe:2.3:a:erlang:erlang\/otp:*:*:*:*:*:*:*:*
                                                End excliding
                                                26.2.1

                                                Configuration 51

                                                cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*
                                                End excliding
                                                0.2.15

                                                Configuration 52

                                                cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*
                                                End excliding
                                                1.11.10

                                                Configuration 53

                                                cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                2.14.2

                                                Configuration 54

                                                cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                2022.83

                                                Configuration 55

                                                cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*
                                                End excliding
                                                3.1.0-snapshot

                                                Configuration 56

                                                cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*
                                                End excliding
                                                5.11

                                                Configuration 57

                                                cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*
                                                End excliding
                                                3.4.6

                                                Configuration 58

                                                cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*

                                                Configuration 59

                                                cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*

                                                Configuration 60

                                                cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*
                                                End excliding
                                                10.6.0

                                                Configuration 61

                                                cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*
                                                End excliding
                                                2.2.22

                                                Configuration 62

                                                cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*

                                                Configuration 63

                                                cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*

                                                Configuration 64

                                                cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*

                                                Configuration 65

                                                cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*

                                                Configuration 66

                                                cpe:2.3:a:kitty_project:kitty:*:*:*:*:*:*:*:*

                                                Configuration 67

                                                cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*

                                                Running on/with:
                                                cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*