Lucene search

K
osvGoogleOSV:DSA-717-1
HistoryApr 27, 2005 - 12:00 a.m.

lsh-utils - buffer overflow, typo

2005-04-2700:00:00
Google
osv.dev
9

EPSS

0.063

Percentile

93.7%

Several security relevant problems have been discovered in lsh, the
alternative secure shell v2 (SSH2) protocol server. The Common
Vulnerabilities and Exposures project identifies the following
vulnerabilities:

  • CAN-2003-0826
    Bennett Todd discovered a heap buffer overflow in lshd which could
    lead to the execution of arbitrary code.

  • CAN-2005-0814
    Niels MΔ‚Ε›ller discovered a denial of service condition in lshd.

For the stable distribution (woody) these problems have been fixed in
version 1.2.5-2woody3.

For the unstable distribution (sid) these problems have been fixed in
version 2.0.1-2.

We recommend that you upgrade your lsh-server package.

EPSS

0.063

Percentile

93.7%