33 matches found
MiracleLinux 8 : libssh-0.9.6-3.el8 (AXSA:2022-3399:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3399:01 advisory. libssh: possible heap-based buffer overflow when rekeying CVE-2021-3634 Tenable has extracted the preceding description block directly from the MiracleLinux...
TencentOS Server 3: libssh (TSSA-2022:0209)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0209 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
Alibaba Cloud Linux 3 : 0204: libssh (ALINUX3-SA-2022:0204)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2022:0204 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-3634: A flaw has been found in libssh in...
CVE-2021-3634 affecting package libssh 0.9.5-2
CVE-2021-3634 affecting package libssh 0.9.5-2. This CVE either no longer is or was never applicable...
libssh security update
0.9.6-14 - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol BPP - Fix CVE-2023-6918 Missing checks for return values for digests - Fix CVE-2023-6004 ProxyCommand/ProxyJump features allow injection of malicious code through hostname - Note: version is bumped from 12 to 14...
SUSE SLES12 Security Update : libssh (SUSE-SU-2024:0539-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0539-1 advisory. Update to version 0.9.8 jscPED-7719: Fix CVE-2023-6004: Command injection using proxycommand bsc1218209 Fix CVE-2023-48795: Potenti...
SUSE: Security Advisory (SUSE-SU-2024:0539-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 Security Update : libssh (SUSE-SU-2024:0525-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0525-1 advisory. Update to version 0.9.8 jscPED-7719: Fix CVE-2023-6004: Command injection using proxycommand bsc1218209 Fix CVE-2023-48795: Potenti...
SUSE: Security Advisory (SUSE-SU-2024:0525-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2023-1685023501 libssh: Fix of CVE-2021-3634
CVE-2021-3634: create a separate length for sessionid...
Security Bulletin: IBM QRadar SIEM Application Framework Base Image is vulnerable to using components with Known Vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID:CVE-2021-38185 DESCRIPTION: GNU cpio could allow a remote attacker to execute arbitrary code on the system, caused by an integer...
Security Bulletin: IBM App Connect Enterprise Certified Container operands may be vulnerable to arbitrary code execution due to CVE-2021-3634
Summary libssh is part of the base OS modules in all operand images in IBM App Connect Enterprise Certified Container. IBM App Connect Enterprise Certified Container is not directly vulnerable under standard operations, but custom use of the images may be vulnerable to arbitrary code execution...
Rocky Linux 8 : libssh (RLSA-2022:2031)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:2031 advisory. - A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them ...
Oracle Linux 8 : libssh (ELSA-2022-2031)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-2031 advisory. - Fix CVE-2021-3634: Fix possible heap-buffer overflow when rekeying with different key exchange mechanism Tenable has extracted the preceding description block...
libssh security, bug fix, and enhancement update
0.9.6-3 - Remove STI tests 0.9.6-2 - Remove bad patch causing errors - Adding BuildRequires for openssh SSHD support 0.9.6-1 - Fix CVE-2021-3634: Fix possible heap-buffer overflow when rekeying with different key exchange mechanism - Rebase to version 0.9.6 - Rename SSHDEXECUTABLE to SSHEXECUTABL...
AlmaLinux 8 : libssh (ALSA-2022:2031)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:2031 advisory. - A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is...
RHEL 8 : libssh (RHSA-2022:2031)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:2031 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been...
Low: Red Hat Security Advisory: libssh security, bug fix, and enhancement update
An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...
libssh security, bug fix, and enhancement update
An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...
ALSA-2022:2031 Low: libssh security, bug fix, and enhancement update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh 0.9.6. BZ1896651 Security Fixes: libssh: possible heap-based buffer overflow when rekeying CVE-2021-3634...