CentOS 8 : libssh (CESA-2024:0628)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2024:0628 advisory. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks...

RHEL 8 : libssh (RHSA-2024:0625)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0625 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix...

ALSA-2024:0628 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 For more details about the security issues, including the impact, a CVSS score,...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix truncation attack on Binary Packet Protocol BPP CVE-2023-48795 For more details about the security issues, including the impact, a CVSS score,...

RHEL 8 : libssh (RHSA-2024:0628)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0628 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to libssh denial of service vulnerabilitiy [ CVE-2023-1667]

Summary Potential libssh denial of service vulnerabilitiy have been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability have been addressed. Refer to details for additional information. CVE-2023-1667 Vulnerability Details CVEID:CVE-2023-1667 DESCRIPTION:...

Advisory ROSA-SA-2024-2333

Software: libssh 0.9.6 OS: ROSA Virtualization 2.1 packageevrstring: libssh-0.9.6-10.rv3.src.rpm CVE-ID: CVE-2021-3634 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: A bug was discovered in libssh for versions prior to 0.9.6. The SSH protocol keeps track of two shared secrets throughout a session. One ...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

libssh: authorization bypass in pki_verify_data_signature

A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the retu...

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

RHEL 8 : libssh (RHSA-2024:0538)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0538 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

Fedora 39 : prometheus-podman-exporter (2024-a53b24023d)

The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-a53b24023d advisory. Security fix for CVE-2023-48795 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

OESA-2024-1104 libssh security update

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Debian dla-3719 : php-seclib - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3719 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3719-1 [email protected] https://www.debian.org/lts/security/...

RHEL 9 : libssh (RHSA-2024:0499)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0499 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: ssh: Prefix...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : Paramiko vulnerability (USN-6598-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has a package installed that is affected by a vulnerability as referenced in the USN-6598-1 advisory. Fabian Bumer, Marcus Brinkmann, Jrg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacke...

Ubuntu: Security Advisory (USN-6592-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6592-1 libssh vulnerabilities

It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this issue to inject malicious code into the command of the features mentioned through the hostname parameter. CVE-2023-6004 It was discovered that libssh incorrectl...

USN-6592-1: libssh vulnerabilities

It was discovered that libssh incorrectly handled the ProxyCommand and the ProxyJump features. A remote attacker could possibly use this issue to inject malicious code into the command of the features mentioned through the hostname parameter. CVE-2023-6004 It was discovered that libssh incorrectl...