32 matches found
MiracleLinux 7 : libssh2-1.4.3-10.el7 (AXSA:2015-623:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-623:01 advisory. libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20,...
Linux Distros Unpatched Vulnerability : CVE-2015-1782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The kexagreemethods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service crash or have other unspecified impact via crafted lengt...
Security Bulletin: Vulnerability in libssh2 affects SAN Volume Controller and Storwize Family (CVE-2015-1782)
Summary A vulnerability in libssh2 affects SAN Volume Controller and Storwize Family. Vulnerability Details CVEID: CVE-2015-1782 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an error in kexagreemethods function. By sending a specially-craftedlity to cause the system to sto...
Debian: Security Advisory (DLA-171-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE CVE-2015-1782
The kexagreemethods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service crash or have other unspecified impact via crafted length values in an SSHMSGKEXINIT packet...
SUSE: Security Advisory (SUSE-SU-2015:0676-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0669-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in libssh2 affects PowerKVM (CVE-2015-1782)
Summary A vulnerability in libssh2 CVE-2015-1782 affects PowerKVM. Vulnerability Details CVEID: CVE-2015-1782 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an error in kexagreemethods function. By sending a specially-craftedlity to cause the system to stop responding...
Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20151119)
A flaw was found in the way the kexagreemethods function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the- middle attacker could use a crafted SSHMSGKEXINIT packet to crash a connecting libssh2 client. CVE-2015-1782 This update also fixes the following bugs : -...
CentOS 7 : libssh2 (CESA-2015:2140)
Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
libssh2 security update
CentOS Errata and Security Advisory CESA-2015:2140 Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base scor...
Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt2
Nov. 25, 2015 Anton V. Boyarshinov 1.4.3-alt2 - CVE-2015-1782 fixed...
Oracle: Security Advisory (ELSA-2015-2140)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : libssh2 (ELSA-2015-2140)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2140 advisory. - check length of data extracted from the SSHMSGKEXINIT packet CVE-2015-1782 Tenable has extracted the preceding description block directly from the Oracle Linu...
libssh2 security and bug fix update
1.4.3-10 - check length of data extracted from the SSHMSGKEXINIT packet CVE-2015-1782 1.4.3-9 - curl consumes too much memory during scp download 1080459 - prevent a not-connected agent from closing STDIN 1147717...
RedHat Update for libssh2 RHSA-2015:2140-07
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : libssh2 (RHSA-2015:2140)
Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora Update for libssh2 FEDORA-2015-3757
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SuSE 11.3 Security Update : libssh2_org (SAT Patch Number 10426)
The ssh client library libssh2org was updated to fix a security issue : - A malicious server could send a crafted SSHMSGKEXINIT packet, that could lead to a buffer overread and to a crash of the application using libssh2org. CVE-2015-1782 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
Fedora 20 : libssh2-1.5.0-1.fc20 (2015-3791)
This update, to the current upstream release version, contains numerous bug fixes and enhancements as described in the RELEASE-NOTES file. These include a security fix for CVE-2015-1782 : A malicious attacker could man in the middle a real server and cause libssh2-using clients to crash denial of...