DSA-4965-1 libssh - security update

Bulletin has no description...

Denial Of Service

libssh is vulnerable to denial of service. The vulnerability exists due to authentication function which is using the buffer size of the initial secret key which can cause a heap-buffer overflow...

Vulnerability fixed in libssh

A vulnerability has been fixed in libssh. A malicious party could potentially exploit the vulnerability to cause a denial-of-service cause or execute arbitrary code with the privileges of application that uses libssh. It is good practice to apply the principle of "privilege separation" to this ty...

Ubuntu: Security Advisory (USN-5053-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5053-1: libssh vulnerability

It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-5053-1 libssh vulnerability

It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVE-2021-3634

A flaw has been found in libssh. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept and used as an input to new...

libssh -- possible heap-buffer overflow vulnerability

libssh security advisories: The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept and used as an input to new...

UBUNTU-CVE-2021-3634

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept...

Ubuntu 20.04 LTS : libssh vulnerability (USN-5053-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5053-1 advisory. It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or...

Libssh 缓冲区错误漏洞

Libssh is a C development package from the Libssh organization for accessing SSH services, which can execute remote commands, file transfers, and provide a secure transport channel for remote programs. libssh is vulnerable to a buffer overflow vulnerability, which stems from the fact that libssh...

CVE-2021-3634

A flaw has been found in libssh in versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets during the lifetime of the session. One of them is called secrethash and the other sessionid. Initially, both of them are the same, but after key re-exchange, previous sessionid is kept...

Security fix for the ALT Linux 9 package libssh version 0.9.5-alt1

0.9.5-alt1 built July 30, 2021 Nikolai Kostrigin in task 277424 May 12, 2021 Sergey V Turchin - new version - security fixes: CVE-2020-16135...

The vulnerability of component tftpserver.c in the client authentication library libssh, related to pointer dereferencing errors, allows a perpetrator to cause a service failure.

The vulnerability of the tftpserver.c component in the client authentication library libssh is related to pointer dereferencing errors. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

SUSE: Security Advisory (SUSE-SU-2019:3293-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:3267-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:3162-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0967-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:0129-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Exploit for CVE-2018-10933

PoC exploit for CVE-2018-10933, a vulnerability in libSSH that allows authentication bypass. The target product/service is libSSH, a free and open-source implementation of the Secure Shell protocol. The vulnerability class/vector is authentication bypass, allowing an attacker to spawn a shell...