SUSE-SU-2024:0525-1 Security update for libssh

This update for libssh fixes the following issues: Update to version 0.9.8 jscPED-7719: Fix CVE-2023-6004: Command injection using proxycommand bsc1218209 Fix CVE-2023-48795: Potential downgrade attack using strict kex bsc1218126 Fix CVE-2023-6918: Missing checks for return values of MD functions...

SUSE: Security Advisory (SUSE-SU-2024:0525-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

RLSA-2024:0628 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 For more details about the security issues, including the impact, a CVSS score,...

Rocky Linux 8 : libssh (RLSA-2024:0628)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:0628 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1177)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1197)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2024-1177)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

EulerOS 2.0 SP9 : libssh (EulerOS-SA-2024-1197)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : bouncycastle, jsch (SUSE-SU-2024:0327-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0327-1 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other...

Ubuntu: Security Advisory (USN-6592-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6592-2 libssh vulnerabilities

USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this...

USN-6592-2: libssh vulnerabilities

USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this...

Ubuntu 16.04 ESM / 18.04 ESM : libssh vulnerabilities (USN-6592-2)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6592-2 advisory. USN-6592-1 fixed vulnerabilities in libssh. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable...

libssh security update

0.9.6-13 - Client and Server side mitigations CVE-2023-48795 - Strip extensions from both kex lists for matching CVE-2023-48795 - tests: Adjust calculation to strict kex CVE-2023-48795...

Oracle Linux 8 : libssh (ELSA-2024-0628)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-0628 advisory. - Client and Server side mitigations CVE-2023-48795 - Strip extensions from both kex lists for matching CVE-2023-48795 Tenable has extracted the preceding...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to libssh denial of service vulnerability [CVE-2023-3603]

Summary libssh denial of service vulnerability CVEID: CVE-2023-3603 have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-3603 DESCRIPTION:...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to libssh security bypass vulnerabilitiy [ CVE-2023-2283]

Summary Potential libssh security bypass vulnerabilitiy have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. CVE-2023-2283 Vulnerability Details CVEID:CVE-2023-2283 DESCRIPTION:...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...