1841 matches found
MGASA-2016-0082 Updated libssh packages fix CVE-2016-0739
Updated libssh packages fix security vulnerability: libssh versions 0.1 and above have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the...
Debian DLA-425-1 : libssh security update
Aris Adamantiadis of the libssh team discovered that libssh, an SSH2 protocol implementation used by many applications, did not generate sufficiently long Diffie-Hellman secrets. This vulnerability could be exploited by an eavesdropper to decrypt and to intercept SSH sessions. For the oldoldstabl...
Ubuntu: Security Advisory (USN-2912-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3488-1 : libssh - security update
Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively...
Ubuntu 14.04 LTS : libssh vulnerabilities (USN-2912-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2912-1 advisory. Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash,...
[SECURITY] [DSA 3488-1] libssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3488-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3488-1] libssh security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3488-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...
UBUNTU-CVE-2016-0739
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...
CVE-2016-0739
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...
USN-2912-1 libssh vulnerabilities
Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...
USN-2912-1: libssh vulnerabilities
Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...
[SECURITY] [DLA 425-1] libssh security update
Package : libssh Version : 0.4.5-3+squeeze3 CVE ID : CVE-2016-0739 Aris Adamantiadis of the libssh team discovered that libssh, an SSH2 protocol implementation used by many applications, did not generate sufficiently long Diffie-Hellman secrets. This vulnerability could be...
libssh: man-in-the-middle
libssh versions 0.1 and above have a bits/bytes confusion bug and generate the an anormaly short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits...
DSA-3488-1 libssh - security update
Bulletin has no description...
DLA-425-1 libssh - security update
Bulletin has no description...
libssh -- weak Diffie-Hellman secret generation
Andreas Schneider reports: libssh versions 0.1 and above have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024...
SUSE SLED12 Security Update : libssh (SUSE-SU-2015:1707-2)
The encryption library libssh was updated to fix one security issue. The following vulnerability was fixed : - CVE-2015-3146: Unauthenticated remote attackers could crash the server or client with specially crafted packages. Note that Tenable Network Security has extracted the preceding descripti...
SUSE-SU-2015:1707-1 Security update for libssh
The encryption library libssh was updated to fix one security issue. The following vulnerability was fixed: CVE-2015-3146: Unauthenticated remote attackers could crash the server or client with specially crafted packages...
SUSE-SU-2015:1707-2 Security update for libssh
The encryption library libssh was updated to fix one security issue. The following vulnerability was fixed: CVE-2015-3146: Unauthenticated remote attackers could crash the server or client with specially crafted packages...
Gentoo Security Advisory GLSA 201408-03
Gentoo Linux Local Security Checks GLSA 201408-03 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...