796 matches found
[SECURITY] [DLA 2848-1] libssh2 security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2848-1 [email protected] https://www.debian.org/lts/security/ Anton Gladky December 17, 2021 https://wiki.debian.org/LTS -...
DLA-2848-1 libssh2 - security update
Bulletin has no description...
F5 Networks BIG-IP : libssh2 vulnerabilities (K90011301)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10.8 / 16.1.0. It is, therefore, affected by multiple vulnerabilities as referenced in the K90011301 advisory. CVE-2019-3856An integer overflow flaw, which could lead to an out of bounds write, was discovered in libss...
NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Vulnerability (NS-SA-2021-0173)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by a vulnerability: - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...
Security Bulletin: Vulnerabilities in libssh2 affect Power Hardware Management Console (CVE-2016-0787)
Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2016-0787 DESCRIPTION: libssh2 could provide weaker than expected security, caused by a type confusion error during the SSHv2 handshake resulting in the...
Security Bulletin: Vulnerability in libssh2 affects Power Hardware Management Console (CVE-2019-3862)
Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-3862 DESCRIPTION: An out of bounds read flaw was discovered in libssh2 in the way SSHMSGCHANNELREQUEST packets with an exit status message and no payload a...
Security Bulletin: Vulnerability in libssh2 CVE-2019-17498.
Summary libssh2 is used by Power Hardware Management Console HMC. HMC has addressed the applicable CVE. Vulnerability Details CVEID: CVE-2019-17498 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when connecting to a malicious SSH server that sends a...
Advisory ROSA-SA-2021-1893
Software: libssh2 1.8.0 OS: Cobalt 7.9 CVE-ID: CVE-2019-13115 CVE-Crit: HIGH CVE-DESC: In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that can cause out-of-range reads when reading packets from the server. A remote attacker...
NewStart CGSL CORE 5.04 / MAIN 5.04 : libssh2 Vulnerability (NS-SA-2021-0026)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libssh2 packages installed that are affected by a vulnerability: - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an...
EulerOS Virtualization for ARM 64 3.0.2.0 : libssh2 (EulerOS-SA-2021-1384)
According to the version of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A...
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2021-1384)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : virt:rhel (CESA-2019:1175)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:1175 advisory. - hardware: Microarchitectural Store Buffer Data Sampling MSBDS CVE-2018-12126 - hardware: Micro-architectural Load Port Data Sampling - Information Le...
Security Bulletin: IBM MQ Appliance is affected by a libssh2 vulnerability (CVE-2019-17498)
Summary IBM MQ Appliance has resolved a libssh2 vulnerability. Vulnerability Details CVEID: CVE-2019-17498 DESCRIPTION: libssh2 is vulnerable to a denial of service, caused by an out-of-bounds read when connecting to a malicious SSH server that sends a disconnect message. A remote attacker could...
Solaris SunSSH 11.0 x86 - libpam Remote Root
Exploit Title: Solaris SunSSH 11.0 x86 - libpam Remote Root Exploit Author: Hacker Fantastic Vendor Homepage: https://www.oracle.com/solaris/technologies/solaris11-overview.html Version: 11 Tested on: SunOS solaris 5.11 11.0 / SunSSH Solaris 10-11.0 x86 libpam remote root exploit CVE-2020-14871...
OPENSUSE-SU-2020:2126-1 Security update for libssh2_org
This update for libssh2org fixes the following issues: - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes: adds ECDSA keys and host key support when using OpenSSL adds ED25519 key and host key support when using OpenSSL 1.1.1 adds OpenSSH style key file reading adds AES...
SUSE-SU-2020:3551-1 Security update for libssh2_org
This update for libssh2org fixes the following issues: - Version update to 1.9.0: bsc1178083, jscSLE-16922 Enhancements and bugfixes: adds ECDSA keys and host key support when using OpenSSL adds ED25519 key and host key support when using OpenSSL 1.1.1 adds OpenSSH style key file reading adds AES...
Security Bulletin: IBM Security QRadar Packet Capture is vulnerable to Using Components with Known Vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. Vulnerability Details CVEID: CVE-2019-3855 DESCRIPTION: An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8....
Amazon Linux 2 : libssh2 (ALAS-2020-1531)
The version of libssh2 installed on the remote host is prior to 1.4.3-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1531 advisory. In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling...
Medium: libssh2
Issue Overview: In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive...
Scientific Linux Security Update : libssh2 on SL7.x x86_64 (20201001)
Security Fixes : - libssh2: integer overflow in SSHMSGDISCONNECT logic in packet.c CVE-2019-17498 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid141667; scriptversion"1.3";...