The vulnerability of the LibSSH library for client authentication, related to pointer dereferencing errors, allows a perpetrator to cause a service failure.

The vulnerability of the LibSSH client authentication library is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

EulerOS 2.0 SP10 : libssh (EulerOS-SA-2023-2384)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

EulerOS 2.0 SP10 : libssh (EulerOS-SA-2023-2358)

According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2384)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2023-2358)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Internet Bug Bounty: Potential NULL dereference in libssh's sftp server

A potential NULL dereference vulnerability was discovered in libssh's sftp server. This vulnerability could be exploited by a malicious client to cause a crash in the server's connection, potentially leading to a denial of service DoS condition. The vulnerability has been patched...

RLSA-2023:3839 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

libssh security update

An update is available for libssh. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list libssh is a library which implements the SSH protocol. It can be used to...

Rocky Linux 8 : libssh (RLSA-2023:3839)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3839 advisory. - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denia...

USN-6138-1: libssh vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Philip Turnbull discovered that libssh incorrectly handled rekeying with algorithm guessing. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly...

AlmaLinux 8 : libssh (ALSA-2023:3839)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3839 advisory. - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial ...

libssh security update

0.9.6-10 - Add missing ci.fmf file - Related: rhbz2182251, rhbz2189742 0.9.6-9 - Fix covscan errors found at gating - Related: rhbz2182251, rhbz2189742 0.9.6-8 - Backport test fixing commits to make the build pass - Related: rhbz2182251, rhbz2189742 0.9.6-7 - Fix NULL dereference during rekeying...

Oracle Linux 8 : libssh (ELSA-2023-3839)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3839 advisory. - Fix NULL dereference during rekeying with algorithm guessing GHSL-2023-032 / CVE-2023-1667 - Fix possible authentication bypass GHSL 2023-085 /...

libssh: authorization bypass in pki_verify_data_signature

A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the retu...

libssh: NULL pointer dereference during rekeying with algorithm guessing

A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

ALSA-2023:3839 Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

RHEL 8 : libssh (RHSA-2023:3839)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3839 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh:...

Moderate: libssh security update

libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...

Amazon Linux 2023 : libssh, libssh-config, libssh-devel (ALAS2023-2023-186)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-186 advisory. A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. CVE-2023-1667 A vulnerability...