44 matches found
MiracleLinux 7 : libssh2-1.8.0-4.el7 (AXSA:2020-562:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-562:01 advisory. libssh2: integer overflow in SSHMSGDISCONNECT logic in packet.c CVE-2019-17498 Tenable has extracted the preceding description block directly from the...
Siemens SIMATIC S7-1500 Integer Overflow or Wraparound (CVE-2019-17498)
In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a...
Linux Distros Unpatched Vulnerability : CVE-2019-17498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...
Ubuntu 16.04 ESM : libssh2 vulnerabilities (USN-5308-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5308-1 advisory. It was discovered that libssh2 mishandled certain input. If libssh2 were used to connect to a malicious or compromised SSH server, a remote,...
[SECURITY] [DLA 3559-1] libssh2 security update
Debian LTS Advisory DLA-3559-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 08, 2023 https://wiki.debian.org/LTS Package : libssh2 Version : 1.8.0-2.1+deb10u1 CVE ID : CVE-2019-13115 CVE-2019-17498 CVE-2020-22218 Debian Bug : 932329 943562...
Oracle Linux 7 : libssh2 (ELSA-2020-3915)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-3915 advisory. - fix integer overflow in SSHMSGDISCONNECT logic CVE-2019-17498 - fix integer overflow in keyboard interactive handling that allows out-of-bounds writes...
BELL-CVE-2019-17498 CVE-2019-17498 does not affect BellSoft software
Bulletin has no description...
Ubuntu: Security Advisory (USN-5308-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-17498 affecting package libssh2 for versions less than 1.9.0-1
CVE-2019-17498 affecting package libssh2 for versions less than 1.9.0-1. A patched version of the package is available...
[SECURITY] [DLA 2848-1] libssh2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2848-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 17, 2021 https://wiki.debian.org/LTS -...
NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Vulnerability (NS-SA-2021-0173)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by a vulnerability: - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...
SUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:14206-1)
The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2019:14206-1 advisory. - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to...
SUSE: Security Advisory (SUSE-SU-2019:14206-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2936-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:3551-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM MQ Appliance is affected by a libssh2 vulnerability (CVE-2019-17498)
Summary IBM MQ Appliance has resolved a libssh2 vulnerability. Vulnerability Details CVEID: CVE-2019-17498 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when connecting to a malicious SSH server that sends a disconnect message. A remote attacker could...
Amazon Linux 2 : libssh2 (ALAS-2020-1531)
The version of libssh2 installed on the remote host is prior to 1.4.3-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1531 advisory. In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling...
Medium: libssh2
Issue Overview: In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive...
Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20201001)
Security Fixes : - libssh2: integer overflow in SSHMSGDISCONNECT logic in packet.c CVE-2019-17498 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141667; scriptversion"1.3";...
libssh2 security update
CentOS Errata and Security Advisory CESA-2020:3915 An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...