Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mageiaGentoo FoundationMGASA-2015-0107
HistoryMar 12, 2015 - 6:30 p.m.

Updated libssh2 packages fix CVE-2015-1782

2015-03-1218:30:53
Gentoo Foundation
advisories.mageia.org
10

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.4%

JSON

Updated libssh2 packages fix security vulnerability: Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSH_MSG_KEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the libssh2 library to crash (denial of service) or otherwise read and use unintended memory areas in this process (CVE-2015-1782).

OSVersionArchitecturePackageVersionFilename
Mageia4noarchlibssh2< 1.4.3-3.1libssh2-1.4.3-3.1.mga4

Related

redhat 1
archlinux 1
securityvulns 2
nessus 14
openvas 12
fedora 3
ibm 2
debian 3
freebsd 1
debiancve 1
veracode 1
prion 1
ubuntucve 1
cve 1
oraclelinux 1
altlinux 1
osv 2
centos 1
hackerone 1
redhat
redhat
(RHSA-2015:2140) Low: libssh2 security and bug fix update
2015-11-19 14:40:31
archlinux
archlinux
libssh2: out-of-bounds read
2015-04-09 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 3182-1] libssh2 security update
2015-03-15 00:00:00
libssh2 DoS
2015-03-15 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : libssh2 (MDVSA-2015:148-1)
2015-03-30 00:00:00
Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20151119)
2015-12-22 00:00:00
Fedora 21 : libssh2-1.5.0-1.fc21 (2015-3797)
2015-03-20 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0107)
2022-01-28 00:00:00
RedHat Update for libssh2 RHSA-2015:2140-07
2015-11-20 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0669-1)
2021-04-19 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libssh2-1.5.0-1.fc20
2015-03-30 07:12:45
[SECURITY] Fedora 21 Update: libssh2-1.5.0-1.fc21
2015-03-19 18:44:02
[SECURITY] Fedora 22 Update: libssh2-1.5.0-1.fc22
2015-03-15 10:52:44
ibm
ibm
Security Bulletin: Vulnerability in libssh2 affects PowerKVM (CVE-2015-1782)
2018-06-18 01:30:32
Security Bulletin: Vulnerability in libssh2 affects SAN Volume Controller and Storwize Family (CVE-2015-1782)
2023-03-29 01:48:02
debian
debian
[SECURITY] [DLA 171-1] libssh2 security update
2015-03-14 18:15:50
[SECURITY] [DSA 3182-1] libssh2 security update
2015-03-11 11:04:21
[SECURITY] [DSA 3182-1] libssh2 security update
2015-03-11 11:04:21
freebsd
freebsd
libssh2 -- denial of service vulnerability
2015-01-25 00:00:00
debiancve
debiancve
CVE-2015-1782
2015-03-13 14:59:00
veracode
veracode
Denial Of Service (DoS)
2017-01-27 08:55:57
prion
prion
Stack overflow
2015-03-13 14:59:00
ubuntucve
ubuntucve
CVE-2015-1782
2015-03-13 00:00:00
cve
cve
CVE-2015-1782
2015-03-13 14:59:00
oraclelinux
oraclelinux
libssh2 security and bug fix update
2015-11-23 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt2
2015-11-25 00:00:00
osv
osv
libssh2 - security update
2015-03-11 00:00:00
libssh2 - security update
2015-03-14 00:00:00
centos
centos
libssh2 security update
2015-11-30 19:41:07
hackerone
hackerone
Imgur: SSRF in https://imgur.com/vidgif/url
2016-02-10 18:53:22

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.006 Low

EPSS

Percentile

78.4%

JSON
Related for MGASA-2015-0107
redhat1archlinux1securityvulns2nessus14openvas12fedora3ibm2debian3freebsd1debiancve1veracode1prion1ubuntucve1cve1oraclelinux1altlinux1osv2centos1hackerone1