1851 matches found
Important Photon OS Security Update - PHSA-2023-3.0-0645
Updates of 'libssh', 'vim', 'xerces-c' packages of Photon OS have been released...
Important Photon OS Security Update - PHSA-2023-4.0-0466
Updates of 'libssh', 'linux-secure', 'linux', 'linux-rt', 'apache-tomcat' packages of Photon OS have been released...
Critical Photon OS Security Update - PHSA-2023-5.0-0089
Updates of 'libssh', 'openvswitch', 'sqlite' packages of Photon OS have been released...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2651)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2693)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerabilities in Linux kernel, libssh, and Java can affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Linux kernel, libssh, and Java. Vulnerabilities include denial of service, elevated privileges, crashes, execute arbitrary code on the system, obtaining sensitive kernel information, network attacks, bypassing authentication,...
EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2586)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...
EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2616)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2586)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2616)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CLSA-2023-1691084775 libssh: Fix of 2 CVEs
CVE-2023-2283: fix the authentication check - CVE-2023-1667: refactor the algorithm guessing to avoid NULL dereference - improve tests...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2561)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2542)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : libssh (EulerOS-SA-2023-2561)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated...
EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2023-2542)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated...
Security Bulletin: IBM MQ Operator and Queue manager container images are vulnerable to multiple vulnerabilities from openssl-libs, libssh, libarchive, sqlite and go-toolset
Summary Multiple issues were identified in Red Hat UBI packages openssl-libs, libssh, libarchive, sqlite and go-toolset that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images CVE-2020-24736, CVE-2020-29652, CVE-2022-32189, CVE-2023-2283, CVE-2022-36227, CVE-2023-2453...
Security Bulletin: IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and security restriction bypass due to [CVE-2023-2283], [CVE-2023-1667]
Summary libssh is found in the IBM App Connect Enterprise Certified Container images as part of the base operating system. IBM App Connect Enterprise Certified Container operands are vulnerable to denial of service and security restriction bypass. This bulletin provides patch information to addre...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS due to a missing allocation check in sftp server processing read requests. A malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which is not being checked for failure. For...
libssh 安全漏洞
libssh is a C development package from the libssh organization for accessing SSH services, which can perform remote commands, file transfers, and also provide a secure transport channel for remote programs. A security vulnerability exists in libssh that stems from a lack of allocation checking in...
CVE-2023-3603
A missing allocation check in sftp server processing read requests may cause a NULL dereference on low-memory conditions. The malicious client can request up to 4GB SFTP reads, causing allocation of up to 4GB buffers, which was not being checked for failure. This will likely crash the authenticat...