Develop-Python
diff --git a/‎doc/CVE-2016-20012.rst
Lines changed: 48 additions & 0 deletions b/‎doc/CVE-2016-20012.rst
Lines changed: 48 additions & 0 deletions
diff --git a/‎doc/CVE-2021-36367.rst
Lines changed: 58 additions & 0 deletions b/‎doc/CVE-2021-36367.rst
Lines changed: 58 additions & 0 deletions
diff --git a/‎doc/CVE-2021-36368.rst
Lines changed: 36 additions & 0 deletions b/‎doc/CVE-2021-36368.rst
Lines changed: 36 additions & 0 deletions
diff --git a/‎doc/CVE-2021-36369.rst
Lines changed: 36 additions & 0 deletions b/‎doc/CVE-2021-36369.rst
Lines changed: 36 additions & 0 deletions
diff --git a/‎doc/_templates/includes/sidebar.html
Lines changed: 1 addition & 1 deletion b/‎doc/_templates/includes/sidebar.html
Lines changed: 1 addition & 1 deletion
diff --git a/‎doc/ssh_vulnerabilities.rst
Lines changed: 37 additions & 6 deletions b/‎doc/ssh_vulnerabilities.rst
Lines changed: 37 additions & 6 deletions
diff --git a/‎ssh_proxy_server/data/client_vulnerabilities.yml
Lines changed: 16 additions & 0 deletions b/‎ssh_proxy_server/data/client_vulnerabilities.yml
Lines changed: 16 additions & 0 deletions
@@ -0,0 +1,48 @@
+CVE-2016-20012
+==============
+
+.. raw:: html
+
+    <div class="card card-margin">
+        <div class="card-header no-border">
+            <h5 class="card-title cve-title">CVE-2016-20012</h5>
+        </div>
+        <div class="card-body pt-0">
+            <div class="widget-49">
+                <div class="widget-49-title-wrapper">
+                    <div class="widget-49-date-primary">
+                        <span class="widget-49-date-day">7.4</span>
+                        <span class="widget-49-date-month">CVSS</span>
+                    </div>
+                    <div class="widget-49-meeting-info">
+                        <span class="widget-49-pro-title"><b>Vector:</b> CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N</span>
+                        <span class="widget-49-meeting-time">
+                            <a href="https://nvd.nist.gov/vuln/detail/CVE-2016-20012">https://nvd.nist.gov/vuln/detail/CVE-2016-20012</a>
+                        </span>
+                    </div>
+                </div>
+                <p class="widget-49-meeting-integration">
+                    <i class="fas fa-check"></i> integrated in <a href="https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/authentication.py">SSH-MITM server</a>
+                </p>
+                <p class="widget-49-meeting-text">
+                    OpenSSH through 8.7 allows remote attackers, who have a suspicion that
+                    a certain combination of username and public key is known to an SSH server,
+                    to test whether this suspicion is correct. This occurs because a challenge is
+                    sent only when that combination could be valid for a login session.
+                </p>
+                <span class="widget-49-pro-title"><b>Affected Software:</b></span>
+                <ul class="widget-49-meeting-points">
+                    <li class="widget-49-meeting-item"><b>OpenSSH</b> &lt;=8.7</li>
+                </ul>
+            </div>
+        </div>
+    </div>
+
+
+References
+----------
+
+* https://github.com/openssh/openssh-portable/blob/d0fffc88c8fe90c1815c6f4097bc8cbcabc0f3dd/auth2-pubkey.c#L261-L265
+* https://github.com/openssh/openssh-portable/pull/270
+* https://rushter.com/blog/public-ssh-keys/
+* https://utcc.utoronto.ca/~cks/space/blog/tech/SSHKeysAreInfoLeak
@@ -0,0 +1,58 @@
+CVE-2021-36367
+==============
+
+.. raw:: html
+
+    <div class="card card-margin">
+        <div class="card-header no-border">
+            <h5 class="card-title cve-title">CVE-2021-36367</h5>
+        </div>
+        <div class="card-body pt-0">
+            <div class="widget-49">
+                <div class="widget-49-title-wrapper">
+                    <div class="widget-49-date-primary">
+                        <span class="widget-49-date-day">8.1</span>
+                        <span class="widget-49-date-month">CVSS</span>
+                    </div>
+                    <div class="widget-49-meeting-info">
+                        <span class="widget-49-pro-title"><b>Vector:</b> CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N</span>
+                        <span class="widget-49-meeting-time">
+                            <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36367">https://nvd.nist.gov/vuln/detail/CVE-2021-36367</a>
+                        </span>
+                    </div>
+                </div>
+                <p class="widget-49-meeting-integration">
+                    <i class="fas fa-check"></i> integrated in SSH-MITM server
+                </p>
+                <p class="widget-49-meeting-text">
+                    <b>Note: MITRE's description is wrong. Please read note bellow.</b></br>
+                    PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive authentication response.
+                    This makes it easier for an attacker-controlled SSH server to present a later spoofed authentication prompt
+                    (that the attacker can use to capture credential data, and use that data for purposes that are undesired by the client user).
+                </p>
+                <span class="widget-49-pro-title"><b>Affected Software:</b></span>
+                <ul class="widget-49-meeting-points">
+                    <li class="widget-49-meeting-item"><b>PuTTY</b> &lt; 0.71</li>
+                </ul>
+            </div>
+        </div>
+    </div>
+
+.. note::
+
+    **Comment from Simon Tatham:**
+
+    CVE-2021-36367 refers to this new option as a fix for a vulnerability, and describes the vulnerability
+    as "PuTTY through 0.75 proceeds with establishing an SSH session even if it has never sent a substantive
+    authentication response". With respect to the author of that text, we consider that to be misleading.
+    It is perfectly legal for the server to waive authentication, and actually useful in some legitimate use cases;
+    it is perfectly legal for PuTTY to proceed with the connection regardless; and the trust sigil system introduced
+    in 0.71 already defends against every spoofing attack we know of that a server could attempt by doing this unexpectedly.
+    This new option is a UI improvement, but not in and of itself a vital vulnerability fix.
+
+
+References
+----------
+
+* https://git.tartarus.org/?p=simon/putty.git;a=commit;h=1dc5659aa62848f0aeb5de7bd3839fecc7debefa
+* https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html
@@ -0,0 +1,36 @@
+CVE-2021-36368
+==============
+
+.. raw:: html
+
+    <div class="card card-margin">
+        <div class="card-header no-border">
+            <h5 class="card-title cve-title">CVE-2021-36368</h5>
+        </div>
+        <div class="card-body pt-0">
+            <div class="widget-49">
+                <div class="widget-49-title-wrapper">
+                    <div class="widget-49-date-primary">
+                        <span class="widget-49-date-day">N/A</span>
+                        <span class="widget-49-date-month">CVSS</span>
+                    </div>
+                    <div class="widget-49-meeting-info">
+                        <span class="widget-49-pro-title"><b>Vector:</b> N/A</span>
+                        <span class="widget-49-meeting-time">
+                            <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36368">https://nvd.nist.gov/vuln/detail/CVE-2021-36368</a>
+                        </span>
+                    </div>
+                </div>
+                <p class="widget-49-meeting-integration">
+                    <i class="fas fa-check"></i> integrated in SSH-MITM server
+                </p>
+                <p class="widget-49-meeting-text">
+                    This CVE is marked as reserved.
+                </p>
+                <span class="widget-49-pro-title"><b>Affected Software:</b></span>
+                <ul class="widget-49-meeting-points">
+                    <li class="widget-49-meeting-item"><b>OpenSSHH</b> &lt;= 8.7</li>
+                </ul>
+            </div>
+        </div>
+    </div>
@@ -0,0 +1,36 @@
+CVE-2021-36369
+==============
+
+.. raw:: html
+
+    <div class="card card-margin">
+        <div class="card-header no-border">
+            <h5 class="card-title cve-title">CVE-2021-36369</h5>
+        </div>
+        <div class="card-body pt-0">
+            <div class="widget-49">
+                <div class="widget-49-title-wrapper">
+                    <div class="widget-49-date-primary">
+                        <span class="widget-49-date-day">N/A</span>
+                        <span class="widget-49-date-month">CVSS</span>
+                    </div>
+                    <div class="widget-49-meeting-info">
+                        <span class="widget-49-pro-title"><b>Vector:</b> N/A</span>
+                        <span class="widget-49-meeting-time">
+                            <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-36369">https://nvd.nist.gov/vuln/detail/CVE-2021-36369</a>
+                        </span>
+                    </div>
+                </div>
+                <p class="widget-49-meeting-integration">
+                    <i class="fas fa-check"></i> integrated in SSH-MITM server
+                </p>
+                <p class="widget-49-meeting-text">
+                    This CVE is marked as reserved.
+                </p>
+                <span class="widget-49-pro-title"><b>Affected Software:</b></span>
+                <ul class="widget-49-meeting-points">
+                    <li class="widget-49-meeting-item"><b>Dropbear</b> &lt;= 2020.81</li>
+                </ul>
+            </div>
+        </div>
+    </div>
@@ -12,7 +12,7 @@
         </div>
 
     {% block menu %}
-        {% set theTocTree = toctree(maxdepth=2)
+        {% set theTocTree = toctree(maxdepth=1)
             | replace('<p class="caption"><span class="caption-text">Contents:</span></p>', "")
             | replace("toctree-l1", "toctree-l1 toctree-item") %}
         {{theTocTree}}
 
@@ -2,21 +2,52 @@ SSH Vurnabilities
 ===================
 
 
-
 .. toctree::
    :maxdepth: 1
-   :caption: CVE List
+   :caption: OpenSSH
 
-   CVE-2021-36370
-   CVE-2021-33500
+   CVE-2016-20012
+   CVE-2021-36368
    CVE-2021-28041
    CVE-2020-15778
    CVE-2020-14145
-   CVE-2020-14002
    CVE-2019-6111
    CVE-2019-6110
    CVE-2019-6109
    CVE-2018-20685
    CVE-2018-15919
-   CVE-2018-15599
    CVE-2018-15473
+
+
+.. toctree::
+   :maxdepth: 1
+   :caption: PuTTY
+
+   CVE-2021-36367
+   CVE-2021-33500
+   CVE-2020-14002
+
+
+.. toctree::
+   :maxdepth: 1
+   :caption: Dropbear
+
+   CVE-2021-36369
+   CVE-2018-15599
+
+
+.. toctree::
+   :maxdepth: 1
+   :caption: WinSCP
+
+   CVE-2019-6111
+   CVE-2019-6110
+   CVE-2019-6109
+   CVE-2018-20685
+
+
+.. toctree::
+   :maxdepth: 1
+   :caption: Midnight Commander
+
+   CVE-2021-36370
@@ -1,4 +1,8 @@
 putty_release:
+  CVE-2021-36367:
+    version_max: 0.71
+    cvss: N/A
+    docs: true
   CVE-2021-33500:
     version_min:
     version_max: 0.74
@@ -10,6 +14,14 @@ putty_release:
     cvss: 4.3
     docs: true
 openssh:
+  CVE-2016-20012:
+    version_max: 8.7
+    cvss: N/A
+    docs: true
+  CVE-2021-36368:
+    version_max: 8.7
+    cvss: N/A
+    docs: true
   CVE-2021-28041:
     version_min: 8.2
     version_max: 8.4
@@ -76,6 +88,10 @@ openssh:
     version_max: 7.3
     cvss: 7.5
 dropbear:
+  CVE-2021-36369:
+    version_max: 2020.81
+    cvss: N/A
+    docs: true
   CVE-2018-15599:
     version_max: 2018.76
     cvss: 5.0