Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DLA-3718-1:FD355
HistoryJan 25, 2024 - 2:26 a.m.

[SECURITY] [DLA 3718-1] php-phpseclib security update

2024-01-2502:26:31
lists.debian.org
11
php-phpseclib
terrapin attack
cve-2023-48795
ssh protocol
security update
debian 10
openssh extensions

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

7.1 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.962 High

EPSS

Percentile

99.5%

JSON

Debian LTS Advisory DLA-3718-1 [email protected]
https://www.debian.org/lts/security/ Guilhem Moulin
January 25, 2024 https://wiki.debian.org/LTS

Package : php-phpseclib
Version : 2.0.30-2~deb10u2
CVE ID : CVE-2023-48795

It was discovered that php-phpseclib, a PHP library for
arbitrary-precision integer arithmetic, was vulnerable to the so-called
Terrapin Attack.

The SSH transport protocol with certain OpenSSH extensions, allows
remote attackers to bypass integrity checks such that some packets are
omitted (from the extension negotiation message), and a client and
server may consequently end up with a connection for which some security
features have been downgraded or disabled, aka a Terrapin attack. This
occurs because the SSH Binary Packet Protocol (BPP), implemented by
these extensions, mishandles the handshake phase and mishandles use of
sequence numbers. For example, there is an effective attack against
SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC).

For Debian 10 buster, this problem has been fixed in version
2.0.30-2~deb10u2.

We recommend that you upgrade your php-phpseclib packages.

For the detailed security status of php-phpseclib please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php-phpseclib

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

OSVersionArchitecturePackageVersionFilename
Debian10allphp-phpseclib< 2.0.30-2~deb10u2php-phpseclib_2.0.30-2~deb10u2_all.deb

Related

cbl_mariner 9
nessus 71
debian 4
cloudfoundry 1
oraclelinux 4
freebsd 2
fedora 11
mageia 5
osv 17
redos 3
openvas 41
atlassian 1
redhat 5
ubuntu 4
alpinelinux 1
amazon 1
almalinux 2
ibm 8
github 1
ubuntucve 1
prion 1
rosalinux 1
veracode 2
paloalto 1
cvelist 1
qualysblog 1
cbl_mariner
cbl_mariner
CVE-2023-48795 affecting package kubevirt for versions less than null
2024-01-10 08:19:37
CVE-2023-48795 affecting package libssh for versions less than 0.10.6-1
2024-01-14 22:46:30
CVE-2023-48795 affecting package moby-cli for versions less than 20.10.27-2
2024-01-19 03:54:24
nessus
nessus
Fedora 38 : python-paramiko (2024-39a8c72ea9)
2024-01-10 00:00:00
openSUSE 15 Security Update : proftpd (openSUSE-SU-2023:0421-1)
2023-12-30 00:00:00
EulerOS Virtualization 2.10.1 : libssh2 (EulerOS-SA-2024-1548)
2024-04-19 00:00:00
debian
debian
[SECURITY] [DSA 5600-1] php-phpseclib security update
2024-01-12 07:13:37
[SECURITY] [DSA 5599-1] phpseclib security update
2024-01-12 07:13:27
[SECURITY] [DSA 5601-1] php-phpseclib3 security update
2024-01-12 07:13:57
cloudfoundry
cloudfoundry
USN-6561-1: libssh vulnerability | Cloud Foundry
2024-04-04 00:00:00
oraclelinux
oraclelinux
buildah security update
2024-03-07 00:00:00
openssh security update
2024-03-18 00:00:00
openssh security update
2024-03-19 00:00:00
freebsd
freebsd
jenkins -- Terrapin SSH vulnerability in Jenkins CLI client
2024-04-17 00:00:00
putty -- add protocol extension against 'Terrapin attack'
2023-10-16 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: putty-0.80-1.fc39
2024-01-11 01:17:14
[SECURITY] Fedora 39 Update: prometheus-podman-exporter-1.7.0-1.fc39
2024-01-29 06:26:11
[SECURITY] Fedora 38 Update: podman-tui-0.15.0-1.fc38
2023-12-29 01:05:34
mageia
mageia
Updated erlang packages fix a security vulnerability (Terrapin Attack)
2024-01-20 01:43:32
Updated dropbear package fixes a security vulnerability
2024-01-08 22:01:05
Updated putty package fixes a security vulnerability (Terrapin attack)
2024-01-08 13:12:44
osv
osv
libssh vulnerability
2023-12-19 13:08:22
phpseclib - security update
2024-01-12 00:00:00
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
2023-12-18 19:22:09
redos
redos
ROS-20240408-15
2024-04-08 00:00:00
ROS-20240408-13
2024-04-08 00:00:00
ROS-20240412-02
2024-04-12 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6561-1)
2023-12-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0327-1)
2024-02-06 00:00:00
Dropbear Prefix Truncation Attacks in SSH Specification (Terrapin Attack)
2024-02-16 00:00:00
atlassian
atlassian
CVE-2023-48795 vulnerability on SSH
2024-01-04 17:19:13
redhat
redhat
(RHSA-2024:0625) Moderate: libssh security update
2024-01-31 08:08:23
(RHSA-2024:1196) Moderate: Red Hat JBoss Enterprise Application Platform 7.4 security update
2024-03-06 17:50:02
(RHSA-2024:1150) Moderate: buildah security update
2024-03-05 15:32:31
ubuntu
ubuntu
FileZilla vulnerability
2024-01-18 00:00:00
libssh2 vulnerability
2024-01-15 00:00:00
LXD vulnerability
2024-04-22 00:00:00
alpinelinux
alpinelinux
CVE-2023-48795
2023-12-18 16:15:10
amazon
amazon
Medium: openssh
2023-12-18 09:20:00
almalinux
almalinux
Moderate: libssh security update
2024-01-31 00:00:00
Moderate: buildah security update
2024-03-05 00:00:00
ibm
ibm
Security Bulletin: OpenSSH vulnerability affects IBM WebSphere Adapter for FTP shipped with IBM Business Automation Workflow - CVE-2023-48795
2024-03-22 16:29:44
Security Bulletin: IBM Tivoli Netcool Impact is vulnerable to a machine-in-the-middle attack due to Apache MINA SSHD (CVE-2023-48795)
2024-04-04 17:46:46
Security Bulletin: IBM Cloud Pak for Data Scheduling is vulnerable to machine-in-the-middle due to golang.org/x/crypto ( CVE-2023-48795 )
2024-04-11 21:32:41
github
github
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
2023-12-18 19:22:09
ubuntucve
ubuntucve
CVE-2023-48795
2023-12-18 00:00:00
prion
prion
Design/Logic Flaw
2023-12-18 16:15:00
rosalinux
rosalinux
Advisory ROSA-SA-2024-2382
2024-03-26 11:47:18
veracode
veracode
Rogue Session Attack (Terrapin)
2023-12-19 06:46:15
Prefix Truncation Attack (Terrapin Attack)
2023-12-19 09:12:16
paloalto
paloalto
Impact of Terrapin SSH Attack
2024-01-09 01:30:00
cvelist
cvelist
CVE-2023-48795
2023-12-18 00:00:00
qualysblog
qualysblog
SSH Attack Surface (CVE-2023-48795): Find and Patch With CyberSecurity Asset Management Before the Grinch Arrives
2023-12-22 02:17:54

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

7.1 High

AI Score

Confidence

Low

2.6 Low

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

0.962 High

EPSS

Percentile

99.5%

JSON
Related for DEBIAN:DLA-3718-1:FD355
cbl_mariner9nessus71debian4cloudfoundry1oraclelinux4freebsd2fedora11mageia5osv17redos3openvas41atlassian1redhat5ubuntu4alpinelinux1amazon1almalinux2ibm8github1ubuntucve1prion1rosalinux1veracode2paloalto1cvelist1qualysblog1