Critical Photon OS Security Update - PHSA-2020-0047

Updates of 'sysstat', 'unbound', 'ruby', 'ncurses', 'git', 'haproxy', 'libxslt', 'libssh2', 'oniguruma' packages of Photon OS have been released...

Photon OS 2.0: Libssh2 PHSA-2019-2.0-0196

An update of the libssh2 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0196. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 1.0: Libssh2 PHSA-2019-1.0-0263

An update of the libssh2 package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-1.0-0263. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Critical Photon OS Security Update - PHSA-2020-3.0-0047

Updates of 'libxslt', 'ncurses', 'libssh2', 'unbound', 'sysstat', 'oniguruma', 'haproxy', 'ruby', 'git' packages of Photon OS have been released...

EulerOS Virtualization for ARM 64 3.0.5.0 : libssh2 (EulerOS-SA-2020-1089)

According to the version of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check,...

Security Bulletin: IBM WebSphere Cast Iron Solution & App Connect Professional is affected by Open Source vulnerabilities

Summary IBM WebSphere Cast Iron Solution & App Connect Professional has addressed the reported open source vulnerabilities. Vulnerability Details CVEID: CVE-2019-3863 DESCRIPTION: A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose...

Fedora Update for libssh2 FEDORA-2019-91529f19e4

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2019-3863

A flaw was found in libssh2. A server could send a multiple keyboard interactive response messages, whose total length are greater than the unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. The highest threat from this...

CVE-2019-3861

An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0252)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libssh2 packages installed that are affected by multiple vulnerabilities: - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attack...

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0196

An update of 'libmspack', 'git', 'oniguruma', 'ruby', 'libssh2', 'libxslt' packages of Photon OS has been released...

EulerOS 2.0 SP3 : libssh2 (EulerOS-SA-2019-2618)

According to the version of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to...

EulerOS 2.0 SP5 : libssh2 (EulerOS-SA-2019-2536)

According to the version of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to...

EulerOS 2.0 SP2 : libssh2 (EulerOS-SA-2019-2473)

According to the version of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to...

MGASA-2019-0343 Updated libssh2 packages fix security vulnerability

The updated packages fix a security vulnerability: In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be...

Updated libssh2 packages fix security vulnerability

The updated packages fix a security vulnerability: In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be...

EulerOS 2.0 SP8 : libssh2 (EulerOS-SA-2019-2287)

According to the version of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In libssh2 v1.9.0 and earlier versions, the SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to...

Fedora Update for libssh2 FEDORA-2019-ec04c34768

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: libssh2-1.9.0-3.fc30

libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...

Debian DLA-1991-1 : libssh2 security update

In libssh2, SSHMSGDISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary out-of-bounds offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on th...