Lucene search

K

[email protected]CVE-2012-4560

HistoryNov 30, 2012 - 10:55 p.m.

CVE-2012-4560

2012-11-3022:55:00

CWE-119

[email protected]

web.nvd.nist.gov

29

cve-2012-4560

buffer overflow

libssh

denial of service

remote attack

arbitrary code

nvd

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.089 Low

EPSS

Percentile

94.5%

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors.

CPENameOperatorVersion
libssh:libsshlibssheq0.5.1
libssh:libsshlibssheq0.5.0
libssh:libsshlibssheq0.4.7
libssh:libsshlibssheq0.4.8
libssh:libsshlibsshle0.5.2

References

lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html

lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html

lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html

lists.opensuse.org/opensuse-updates/2012-12/msg00016.html

lists.opensuse.org/opensuse-updates/2013-01/msg00021.html

www.libssh.org/2012/11/20/libssh-0-5-3-security-release/

www.mandriva.com/security/advisories?name=MDVSA-2012:175

www.openwall.com/lists/oss-security/2012/11/20/3

www.securityfocus.com/bid/56604

www.ubuntu.com/usn/USN-1640-1

bugzilla.redhat.com/show_bug.cgi?id=871614

exchange.xforce.ibmcloud.com/vulnerabilities/80219

7.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.089 Low

EPSS

Percentile

94.5%

Related for CVE-2012-4560

prion1 cvelist1 debiancve1 ubuntucve1 altlinux3 nessus10 openvas14 fedora5 securityvulns2 ubuntu1 suse1 slackware1 gentoo1