Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-3182-1:AE94F
HistoryMar 11, 2015 - 11:04 a.m.

[SECURITY] [DSA 3182-1] libssh2 security update

2015-03-1111:04:38
lists.debian.org
8

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON

Debian Security Advisory DSA-3182-1 [email protected]
http://www.debian.org/security/ Salvatore Bonaccorso
March 11, 2015 http://www.debian.org/security/faq

Package : libssh2
CVE ID : CVE-2015-1782
Debian Bug : 780249

Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was
reading and using the SSH_MSG_KEXINIT packet without doing sufficient
range checks when negotiating a new SSH session with a remote server. A
malicious attacker could man in the middle a real server and cause a
client using the libssh2 library to crash (denial of service) or
otherwise read and use unintended memory areas in this process.

For the stable distribution (wheezy), this problem has been fixed in
version 1.4.2-1.1+deb7u1.

We recommend that you upgrade your libssh2 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian7alllibssh2< 1.4.2-1.1+deb7u1libssh2_1.4.2-1.1+deb7u1_all.deb

Related

redhat 1
archlinux 1
securityvulns 2
nessus 14
openvas 12
altlinux 1
osv 2
mageia 1
centos 1
prion 1
oraclelinux 1
debian 2
ubuntucve 1
cve 1
veracode 1
fedora 3
ibm 2
debiancve 1
freebsd 1
hackerone 1
redhat
redhat
(RHSA-2015:2140) Low: libssh2 security and bug fix update
2015-11-19 14:40:31
archlinux
archlinux
libssh2: out-of-bounds read
2015-04-09 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3182-1] libssh2 security update
2015-03-15 00:00:00
libssh2 DoS
2015-03-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : libssh2 (MDVSA-2015:148-1)
2015-03-30 00:00:00
Debian DSA-3182-1 : libssh2 - security update
2015-03-12 00:00:00
Fedora 22 : libssh2-1.5.0-1.fc22 (2015-3757)
2015-03-17 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0107)
2022-01-28 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0669-1)
2021-04-19 00:00:00
RedHat Update for libssh2 RHSA-2015:2140-07
2015-11-20 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt2
2015-11-25 00:00:00
osv
osv
libssh2 - security update
2015-03-14 00:00:00
libssh2 - security update
2015-03-11 00:00:00
mageia
mageia
Updated libssh2 packages fix CVE-2015-1782
2015-03-12 18:30:53
centos
centos
libssh2 security update
2015-11-30 19:41:07
prion
prion
Stack overflow
2015-03-13 14:59:00
oraclelinux
oraclelinux
libssh2 security and bug fix update
2015-11-23 00:00:00
debian
debian
[SECURITY] [DSA 3182-1] libssh2 security update
2015-03-11 11:04:21
[SECURITY] [DLA 171-1] libssh2 security update
2015-03-14 18:30:24
ubuntucve
ubuntucve
CVE-2015-1782
2015-03-13 00:00:00
cve
cve
CVE-2015-1782
2015-03-13 14:59:00
veracode
veracode
Denial Of Service (DoS)
2017-01-27 08:55:57
fedora
fedora
[SECURITY] Fedora 22 Update: libssh2-1.5.0-1.fc22
2015-03-15 10:52:44
[SECURITY] Fedora 20 Update: libssh2-1.5.0-1.fc20
2015-03-30 07:12:45
[SECURITY] Fedora 21 Update: libssh2-1.5.0-1.fc21
2015-03-19 18:44:02
ibm
ibm
Security Bulletin: Vulnerability in libssh2 affects SAN Volume Controller and Storwize Family (CVE-2015-1782)
2023-03-29 01:48:02
Security Bulletin: Vulnerability in libssh2 affects PowerKVM (CVE-2015-1782)
2018-06-18 01:30:32
debiancve
debiancve
CVE-2015-1782
2015-03-13 14:59:00
freebsd
freebsd
libssh2 -- denial of service vulnerability
2015-01-25 00:00:00
hackerone
hackerone
Imgur: SSRF in https://imgur.com/vidgif/url
2016-02-10 18:53:22

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON
Related for DEBIAN:DSA-3182-1:AE94F
redhat1archlinux1securityvulns2nessus14openvas12altlinux1osv2mageia1centos1prion1oraclelinux1debian2ubuntucve1cve1veracode1fedora3ibm2debiancve1freebsd1hackerone1