Debian: Security Advisory (DLA-425-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K57255643: libssh vulnerability CVE-2016-0739

Security Advisory Description libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via...

Security fix for the ALT Linux 9 package libssh version 0.7.5-alt1

Aug. 8, 2017 Sergey V Turchin 0.7.5-alt1 - new version - security fix: CVE-2016-0739...

Security fix for the ALT Linux 8 package libssh version 0.7.5-alt1

Aug. 8, 2017 Sergey V Turchin 0.7.5-alt1 - new version - security fix: CVE-2016-0739...

Tenable SecurityCenter < 5.4.0 Multiple Vulnerabilities (TNS-2016-12)

According to its self-reported version, the Tenable SecurityCenter application installed on the remote host is prior to 5.4.0. It is, therefore, affected by multiple vulnerabilities : - An arbitrary code execution vulnerability exists in the bundled version of libcurl due to using an insecure pat...

CVE-2016-0739

The CVE-2016-0739 issue affects libssh up to and including version 0.7.2 (pre-0.7.3). It truncates ephemeral secrets used in diffie-hellman-group1 and diffie-hellman-group14 key exchanges to 128 bits, enabling man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vector...

RHEL 7 : libssh (RHSA-2016:0566)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0566 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: A type confusion...

openSUSE Security Update : libssh (openSUSE-2016-394)

This update for libssh fixes the following issues : - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875 This fix was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

SUSE SLED12 Security Update : libssh (SUSE-SU-2016:0625-1)

This update for libssh fixes the following issues : - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

SUSE SLED11 Security Update : libssh (SUSE-SU-2016:0622-1)

This update for libssh fixes the following issues : - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

SUSE-SU-2016:0625-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875...

Updated libssh packages fix CVE-2016-0739

Updated libssh packages fix security vulnerability: libssh versions 0.1 and above have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the...

Ubuntu 14.04 LTS : libssh vulnerabilities (USN-2912-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2912-1 advisory. Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash,...

[SECURITY] [DSA 3488-1] libssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3488-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...

USN-2912-1 libssh vulnerabilities

Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...

[SECURITY] [DLA 425-1] libssh security update

Package : libssh Version : 0.4.5-3+squeeze3 CVE ID : CVE-2016-0739 Aris Adamantiadis of the libssh team discovered that libssh, an SSH2 protocol implementation used by many applications, did not generate sufficiently long Diffie-Hellman secrets. This vulnerability could be...