Lucene search
K

893 matches found

OSV
OSV
added 2016/02/23 12:0 a.m.33 views

DSA-3487-1 libssh2 - security update

Bulletin has no description...

5.9CVSS6AI score0.02697EPSS
Exploits0
OSV
OSV
added 2016/02/23 12:0 a.m.27 views

DLA-426-1 libssh2 - security update

Bulletin has no description...

5.9CVSS6AI score0.02697EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/12/22 12:0 a.m.43 views

Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20151119)

A flaw was found in the way the kexagreemethods function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the- middle attacker could use a crafted SSHMSGKEXINIT packet to crash a connecting libssh2 client. CVE-2015-1782 This update also fixes the following bugs : -...

6.8CVSS7AI score0.03501EPSS
Exploits0References2
Cent OS
Cent OS
added 2015/11/30 7:41 p.m.84 views

libssh2 security update

CentOS Errata and Security Advisory CESA-2015:2140 Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base scor...

6.8CVSS6.8AI score0.03501EPSS
Exploits0References7
ALT Linux
ALT Linux
added 2015/11/25 12:0 a.m.68 views

Security fix for the ALT Linux 8 package libssh2 version 1.4.3-alt2

Nov. 25, 2015 Anton V. Boyarshinov 1.4.3-alt2 - CVE-2015-1782 fixed...

6.8CVSS6.2AI score0.03501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.33 views

Oracle Linux 7 : libssh2 (ELSA-2015-2140)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2140 advisory. - check length of data extracted from the SSHMSGKEXINIT packet CVE-2015-1782 Tenable has extracted the preceding description block directly from the Oracle Linu...

6.8CVSS7.4AI score0.03501EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/11/24 12:0 a.m.15 views

Oracle: Security Advisory (ELSA-2015-2140)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS8.7AI score0.03501EPSS
Exploits0References2
Oracle linux
Oracle linux
added 2015/11/23 12:0 a.m.38 views

libssh2 security and bug fix update

1.4.3-10 - check length of data extracted from the SSHMSGKEXINIT packet CVE-2015-1782 1.4.3-9 - curl consumes too much memory during scp download 1080459 - prevent a not-connected agent from closing STDIN 1147717...

6.8CVSS1.7AI score0.03501EPSS
Exploits0
OpenVAS
OpenVAS
added 2015/11/20 12:0 a.m.26 views

RedHat Update for libssh2 RHSA-2015:2140-07

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.2AI score0.03501EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2015/11/19 3:17 a.m.32 views

Low: Red Hat Security Advisory: libssh2 security and bug fix update

Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.8CVSS6.8AI score0.03501EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2015/11/19 3:17 a.m.5 views

libssh2: Using SSH_MSG_KEXINIT data unbounded

A flaw was found in the way the kexagreemethods function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSHMSGKEXINIT packet to crash a connecting libssh2 client...

6.8CVSS5.7AI score0.03501EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/11/19 12:0 a.m.36 views

RHEL 7 : libssh2 (RHSA-2015:2140)

Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

6.8CVSS7.2AI score0.03501EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/09/23 12:0 a.m.28 views

FreeBSD : libssh2 -- denial of service vulnerability (9770d6ac-614d-11e5-b379-14dae9d210b8)

Mariusz Ziulek reports : A malicious attacker could man in the middle a real server and cause libssh2 using clients to crash denial of service or otherwise read and use completely unintended memory areas in this process. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

6.8CVSS7.3AI score0.03501EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.19 views

Fedora Update for libssh2 FEDORA-2015-3757

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.2AI score0.03501EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2015/04/28 12:0 a.m.7 views

The vulnerability of the SUSE Linux Enterprise operating system allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the libssh2 package in the SUSE Linux Enterprise operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...

7.5CVSS5.4AI score0.12849EPSS
Exploits0References2
ArchLinux
ArchLinux
added 2015/04/09 12:0 a.m.71 views

libssh2: out-of-bounds read

When negotiating a new SSH session with a remote server, one of libssh2's functions for doing the key exchange kexagreemethods was naively reading data from the incoming packet and using it without doing sufficient range checks. The SSHMSGKEXINIT packet arrives to libssh2 with a set of strings,...

6.8CVSS3.4AI score0.03501EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2015/03/31 12:0 a.m.28 views

Fedora Update for libssh2 FEDORA-2015-3791

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.2AI score0.03501EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/03/31 12:0 a.m.43 views

Fedora 20 : libssh2-1.5.0-1.fc20 (2015-3791)

This update, to the current upstream release version, contains numerous bug fixes and enhancements as described in the RELEASE-NOTES file. These include a security fix for CVE-2015-1782 : A malicious attacker could man in the middle a real server and cause libssh2-using clients to crash denial of...

6.8CVSS7.3AI score0.03501EPSS
Exploits0References4
Fedora
Fedora
added 2015/03/30 7:12 a.m.37 views

[SECURITY] Fedora 20 Update: libssh2-1.5.0-1.fc20

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

6.8CVSS2.3AI score0.03501EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.31 views

Mandriva Linux Security Advisory : libssh2 (MDVSA-2015:148-1)

Updated libssh2 packages fix security vulnerability : Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in t...

6.8CVSS7.4AI score0.03501EPSS
Exploits0References2
Rows per page
Query Builder