1851 matches found
DEBIAN-CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
ALPINE-CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
Design/Logic Flaw
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
CVE-2020-1730
The CVE-2020-1730 vulnerability affects libssh versions before 0.8.9 and before 0.9.4, caused by how AES-CTR (or DES, if enabled) ciphers are handled. If a connection isn’t fully initialized, cleaning up these ciphers on close can crash the server or client, impacting availability. Upgrading to l...
CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
openSUSE: Security Advisory for libssh (openSUSE-SU-2020:0510-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR or DES ciphers if enabled ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The bigges...
OPENSUSE-SU-2020:0510-1 Security update for libssh
This update for libssh fixes the following issues: - CVE-2020-1730: Fixed a possible denial of service when using AES-CTR bsc1168699. This update was imported from the SUSE:SLE-15-SP1:Update update project...
Security update for libssh (moderate)
openSUSE Security Update: Security update for libssh Announcement ID: openSUSE-SU-2020:0510-1 Rating: moderate References: 1168699 Cross-References: CVE-2020-1730 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for libssh fix...
libssh: Denial of service
Background libssh is a multiplatform C library implementing the SSHv2 protocol on client and server side. Description It was discovered that libssh could crash when AES-CTR ciphers are used. Impact A remote attacker running a malicious client or server could possibly crash the counterpart...
SUSE SLED15 / SLES15 Security Update : libssh (SUSE-SU-2020:0967-1)
This update for libssh fixes the following issues : CVE-2020-1730: Fixed a possible denial of service when using AES-CTR bsc1168699. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...
Libssh Resource Management Error Vulnerability
libssh is a C development package for accessing SSH services, which can execute remote commands, file transfers, and also provide a secure transmission channel for remote programs. A resource management error vulnerability exists in libssh versions prior to 0.8.9 and prior to 0.9.4, which stems...
SUSE SLES12 Security Update : libssh (SUSE-SU-2020:0968-1)
This update for libssh fixes the following issues : CVE-2020-1730: Fixed a possible denial of service when using AES-CTR bsc1168699. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...
Ubuntu 18.04 LTS : libssh vulnerability (USN-4327-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4327-1 advisory. Yasheng Yang discovered that libssh incorrectly handled AES-CTR ciphers. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a...
Ubuntu: Security Advisory (USN-4327-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4327-1: libssh vulnerability
Yasheng Yang discovered that libssh incorrectly handled AES-CTR ciphers. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...
USN-4327-1 libssh vulnerability
Yasheng Yang discovered that libssh incorrectly handled AES-CTR ciphers. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service...