29 matches found
EUVD-2020-4276
Malware in sbrugna...
Denial Of Services (DoS)
libssh.so is vulnerable to Denial of Service (DoS). The vulnerability exists due to a null pointer dereference during rekeying with algorithm guessing, which allows an attacker to cause an application crash when the client initiates rekeying with the first_kex_packet_follows flag in the KEXINIT messa...
K57304814: OpenSSH vulnerability CVE-2016-8858
Security Advisory Description DISPUTED The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider...
SUSE CVE-2014-8132
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet...
UBUNTU-CVE-2020-11939
In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI...
CVE-2020-11939
In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI...
CVE-2020-11939
CVE-2020-11939 affects nDPI (up to 3.2 Stable) where the SSH protocol dissector exposes multiple KEXINIT integer overflows. The underlying issue is a heap overflow in concat_hash_string in ssh.c, enabling an attacker to remotely influence heap layout and memory contents. The documented impact sta...
EulerOS 2.0 SP1 : openssh (EulerOS-SA-2017-1006)
According to the version of the openssh packages installed, the EulerOS installation on the remote host is affected by the following vulnerability: - The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) b...
OpenSSH 7.x < 7.4 Multiple Vulnerabilities
UBUNTU-CVE-2016-8858
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...
DEBIAN-CVE-2016-8858
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...
CVE-2016-8858
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...
CVE-2016-8858
The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...
OpenSSH Remote Denial of Service Vulnerability (CNVD-2016-09674)
OpenSSH (OpenBSD Secure Shell) is a set of connection tools maintained by the OpenBSD Project Group for secure access to remote computers. OpenSSH has a memory exhaustion problem in the kex_input_kexinit function during secret key exchange. An unauthenticated client can increase the memory allocation...
CVE-2016-8858
DISPUTED The kex_input_kexinit function in kex.c in OpenSSH 6.x and 7.x through 7.3 allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate KEXINIT requests. NOTE: a third party reports that "OpenSSH upstream does not consider this as a security issue."...
libssh2 kex_agree_methods function denial of service vulnerability
libssh2 is a C library that implements the SSH2 protocol. A security vulnerability in the libssh2 kex_agree_methods function allows an attacker to crash an application via a specially crafted length value in the SSH_MSG_KEXINIT message...
DEBIAN-CVE-2015-1782
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet...
UBUNTU-CVE-2015-1782
The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet...
USN-2478-1 libssh vulnerability
It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...
USN-2478-1: libssh vulnerability
It was discovered that libssh incorrectly handled certain kexinit packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...