MGASA-2015-0107 Updated libssh2 packages fix CVE-2015-1782

Updated libssh2 packages fix security vulnerability: Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in th...

Updated libssh2 packages fix CVE-2015-1782

Updated libssh2 packages fix security vulnerability: Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in th...

Debian DSA-3182-1 : libssh2 - security update

Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the...

[SECURITY] [DSA 3182-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...

[SECURITY] [DSA 3182-1] libssh2 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...

Debian Security Advisory DSA 3182-1 (libssh2 - security update)

Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the...

DSA-3182-1 libssh2 - security update

Bulletin has no description...

Debian: Security Advisory (DSA-3182-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libssh2 -- denial of service vulnerability

Mariusz Ziulek reports: A malicious attacker could man in the middle a real server and cause libssh2 using clients to crash denial of service or otherwise read and use completely unintended memory areas in this process...

SuSE 11.3 Security Update : libssh2 (SAT Patch Number 8982)

This update of libssh fixes the following security issue : - When libssh operates in server mode, the randomness pool was not switched on fork, so two pools could operate on the same randomness and could generate the same keys. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive...

SuSE 11.2 Security Update : libssh2 (SAT Patch Number 7073)

This update of libssh fixes multiple integer overflows. CVE-2012-4562 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell,...

MDVA-2010:117 : flashplayer

Dependency problems was discovered on Mandriva Linux 2009.0 Powerpack x8664 which prevented the flashplayer and libsmbclient0 packages to install smoothly using MandrivaUpdate. This advisory provides the missing packages. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the...

openSUSE Security Update : libssh (libssh-1329)

Various overflow conditions have been fixed in libssh. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update libssh-1329. The text description of this plugin is C SUSE LLC...

GLSA-200903-21 : cURL: Arbitrary file access

The remote host is affected by the vulnerability described in GLSA-200903-21 cURL: Arbitrary file access David Kierznowski reported that the redirect implementation accepts arbitrary Location values when CURLOPTFOLLOWLOCATION is enabled. Impact : A remote attacker could possibly exploit this...

cURL: Arbitrary file access

Background cURL is a command line tool for transferring files with URL syntax, supporting numerous protocols. Description David Kierznowski reported that the redirect implementation accepts arbitrary Location values when CURLOPTFOLLOWLOCATION is enabled. Impact A remote attacker could possibly...