Lucene search

1851 matches found

OSV
added 2019/12/10 11:15 p.m. | 1 view

DEBIAN-CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 8.8 | AI score 6.7 | EPSS 0.03174
Exploits 0 | References 1

OSV
added 2019/12/10 11:15 p.m. | 23 views

CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 8.8 | AI score 4.4 | EPSS 0.03174
Exploits 0 | References 11

Prion
added 2019/12/10 11:15 p.m. | 27 views

Command injection

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 9.3 | AI score 7.1 | EPSS 0.03174
Exploits 0 | References 11 | Affected Software 6

Ubuntu
added 2019/12/10 5:49 p.m. | 62 views

USN-4219-1: libssh vulnerability

It was discovered that libssh incorrectly handled certain scp commands. If a user or automated system were tricked into using a specially-crafted scp command, a remote attacker could execute arbitrary commands on the server...

CVSS 9.3 | AI score 7.2 | EPSS 0.03174
Exploits 0

OSV
added 2019/12/10 5:49 p.m. | 2 views

USN-4219-1 libssh vulnerability

It was discovered that libssh incorrectly handled certain scp commands. If a user or automated system were tricked into using a specially-crafted scp command, a remote attacker could execute arbitrary commands on the server...

CVSS 9.3 | AI score 7 | EPSS 0.03174
Exploits 0 | References 2

UbuntuCve
added 2019/12/10 3:0 p.m. | 30 views

CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 9.3 | AI score 6.8 | EPSS 0.03174
Exploits 0 | References 3

OSV
added 2019/12/10 3:0 p.m. | 0 views

UBUNTU-CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 8.8 | AI score 6.9 | EPSS 0.03174
Exploits 0 | References 4

AlpineLinux
added 2019/12/10 12:0 a.m. | 48 views

CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 9.3 | AI score 8.2 | EPSS 0.03174
Exploits 0

CVE
added 2019/12/10 12:0 a.m. | 575 views

CVE-2019-14889

The CVE-2019-14889 flaw affects libssh where the API function ssh_scp_new() can be misused when the third parameter is user-controlled. Versions before 0.9.3 and before 0.8.8 are vulnerable: during SCP client-server interaction the server may execute a scp command that includes a user-provided pa...

CVSS 9.3 | AI score 8 | EPSS 0.03174
Exploits 0 | References 11 | Affected Software 1

Cvelist
added 2019/12/10 12:0 a.m. | 20 views

CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 7.1 | AI score 8.1 | EPSS 0.03174
Exploits 0 | References 11

Debian CVE
added 2019/12/10 12:0 a.m. | 26 views

CVE-2019-14889

A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence...

CVSS 9.3 | AI score 6.5 | EPSS 0.03174
Exploits 0

FreeBSD
added 2019/11/14 12:0 a.m. | 28 views

libssh -- Unsanitized location in scp could lead to unwanted command execution

The libssh team reports: In an environment where a user is only allowed to copy files and not to execute applications, it would be possible to pass a location which contains commands to be executed in addition. When the libssh SCP client connects to a server, the scp command, which includes a...

CVSS 9.3 | AI score 2.2 | EPSS 0.03174
Exploits 0 | References 2

Oracle linux
added 2019/11/14 12:0 a.m. | 45 views

curl security and bug fix update

7.61.1-11 - rebuild with updated annobin to prevent Execshield RPMDiff check from failing 7.61.1-10 - fix SMTP end-of-response out-of-bounds read CVE-2019-3823 - fix NTLMv2 type-3 header stack buffer overflow CVE-2019-3822 - fix NTLM type-2 out-of-bounds buffer read CVE-2018-16890 - xattr: strip...

CVSS 9.8 | AI score 1.7 | EPSS 0.12771
Exploits 3

Tenable Nessus
added 2019/09/24 12:0 a.m. | 39 views

EulerOS 2.0 SP3 : libssh (EulerOS-SA-2019-2067)

According to the version of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without...

CVSS 9.1 | AI score 7.6 | EPSS 0.91789
Exploits 10 | References 2

ossfuzz
added 2019/09/21 9:19 a.m. | 25 views

libssh:libssh_server_fuzzer: Use-of-uninitialized-value in ssh_buffer_unpack_va

Project: https://git.libssh.org/projects/libssh.git Detailed Report: https://oss-fuzz.com/testcase?key=5661411098755072 Project: libssh Fuzzing Engine: libFuzzer Fuzz Target: libssh_server_fuzzer Job Type: libfuzzer_msan_libssh Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address:...

AI score 6.8
Exploits 0 | Affected Software 1

OpenVAS
added 2019/05/07 12:0 a.m. | 74 views

Fedora Update for libssh FEDORA-2018-6b390ceb36

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.1 | AI score 9.4 | EPSS 0.91789
Exploits 10 | References 2

Kitploit
added 2019/04/04 9:12 p.m. | 1228 views

Darksplitz - Exploit Framework

This tool is continued from Nefix, DirsPy and Xmasspy project. Installation Will work fine in the debian shade operating system, like Backbox, Ubuntu or Kali linux. 1. $ git clone https://github.com/koboi137/darksplitz 2. $ cd darksplitz/ 3. $ sudo ./install.sh Features Extract mikrotik credenti...

CVSS 9.8 | AI score 9.4 | EPSS 0.99993
Exploits 105 | References 1

Tenable Nessus
added 2019/03/27 12:0 a.m. | 31 views

openSUSE Security Update : libssh (openSUSE-2019-806)

This update for libssh fixes the following issues : - CVE-2018-10933: Fixed a server mode authentication bypass (bsc#1108020). This update was imported from the SUSE:SLE-15:Update update project. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this...

CVSS 9.1 | AI score 7.5 | EPSS 0.91789
Exploits 10 | References 2

The Hacker News
added 2019/03/19 10:27 a.m. | 145 views

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a total of nine security vulnerabilities. The Libssh2 library is available for all major distributors of the Linux operating systems, including Ubuntu, Re...

CVSS 9.3 | AI score 2.9 | EPSS 0.09219
Exploits 0

Packet Storm
added 2019/02/03 12:0 a.m. | 186 views

LibSSH 0.7.6 / 0.8.4 Unauthorized Access

!/usr/bin/env python3 import sys import paramiko import socket import logging pip3 install paramiko==2.0.8 logging.basicConfigstream=sys.stdout, level=logging.DEBUG logging.basicConfigstream=sys.stdout bufsize = 2048 def executehostname, port, command: sock = socket.socket try:...

CVSS 6.4 | AI score 1.1 | EPSS 0.91789
Exploits 10