[slackware-security] libssh

New libssh packages are available for Slackware 14.0, and -current to fix security issues. Here are the details from the Slackware 14.0 ChangeLog: patches/packages/libssh-0.5.3-i486-1slack14.0.txz: Upgraded. This release fixes several security bugs. For more information, see:...

Slackware 14.0 / current : libssh (SSA:2012-341-02)

New libssh packages are available for Slackware 14.0, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2012-341-02. The text itself is copyright C...

Fedora 16 : libssh-0.5.3-1.fc16 (2012-18687)

This is an important SECURITY and maintenance release in order to address CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Mandriva Update for libssh MDVSA-2012:175 (libssh)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Mandriva Update for libssh MDVSA-2012:175 (libssh)

Check for the Version of libssh OpenVAS Vulnerability Test Mandriva Update for libssh MDVSA-2012:175 libssh Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Debian Security Advisory DSA 2577-1 (libssh)

The remote host is missing an update to libssh announced via advisory DSA 2577-1. OpenVAS Vulnerability Test $Id: deb25771.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2577-1 libssh Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2577-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2577-1 : libssh - several vulnerabilities

Multiple vulnerabilities were discovered in libssh by Florian Weimer and Xi Wang : - CVE-2012-4559: multiple double free flaws - CVE-2012-4561: multiple invalid free flaws - CVE-2012-4562: multiple improper overflow checks Those could lead to a denial of service by making an SSH client linked to...

libssh multiple security vulnerabilities

Multiple memory corruptions...

[ MDVSA-2012:175 ] libssh

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2012:175 http://www.mandriva.com/security/ Package : libssh Date : November 29, 2012 Affected: 2011. Problem Description: Multiple double free, buffer overflow, invalid free and improper overflow checks...

[SECURITY] [DSA 2577-1] libssh security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2577-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez December 01, 2012 http://www.debian.org/security/faq -...

DSA-2577-1 libssh - several

Bulletin has no description...

CVE-2012-4562

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service infinite loop or crash and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified vulnerabilities...

CVE-2012-4559

Multiple double free vulnerabilities in the 1 agentsigndata function in agent.c, 2 channelrequest function in channels.c, 3 sshuserauthpubkey function in auth.c, 4 sftpparseattr3 function in sftp.c, and 5 trypublickeyfromfile function in keyfiles.c in libssh before 0.5.3 allow remote attackers to...

CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

DEBIAN-CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

DEBIAN-CVE-2012-6063

Double free vulnerability in the sftpmkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559...

DEBIAN-CVE-2012-4559

Multiple double free vulnerabilities in the 1 agentsigndata function in agent.c, 2 channelrequest function in channels.c, 3 sshuserauthpubkey function in auth.c, 4 sftpparseattr3 function in sftp.c, and 5 trypublickeyfromfile function in keyfiles.c in libssh before 0.5.3 allow remote attackers to...

CVE-2012-4560

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via unspecified vectors...

CVE-2012-4559

Multiple double free vulnerabilities in the 1 agentsigndata function in agent.c, 2 channelrequest function in channels.c, 3 sshuserauthpubkey function in auth.c, 4 sftpparseattr3 function in sftp.c, and 5 trypublickeyfromfile function in keyfiles.c in libssh before 0.5.3 allow remote attackers to...