DEBIAN-CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...

CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...

Type confusion

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...

CVE-2016-0739

The CVE-2016-0739 issue affects libssh up to and including version 0.7.2 (pre-0.7.3). It truncates ephemeral secrets used in diffie-hellman-group1 and diffie-hellman-group14 key exchanges to 128 bits, enabling man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vector...

CVE-2015-3146

The CVE-2015-3146 issue affects libssh up to version 0.6.4 (pre-0.6.5). The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY handlers in package_cb.c do not properly validate state, enabling a crafted SSH packet to trigger a NULL pointer dereference and cause a denial of service (crash). Affected ...

CVE-2015-3146

The 1 SSHMSGNEWKEYS and 2 SSHMSGKEXDHREPLY packet handlers in packagecb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted SSH packet...

CVE-2016-0739

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the 1 diffie-hellman-group1 and 2 diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...

Libssh Type Obfuscation Vulnerability

libssh is a C development package for accessing SSH services, which can execute remote commands, file transfers, and also provide a secure transmission channel for remote programs. A type-obfuscation vulnerability exists in versions of libssh prior to 0.7.3, which stems from a type-obfuscation...

RHEL 7 : libssh (RHSA-2016:0566)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2016:0566 advisory. libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: A type confusion...

libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length

A type confusion issue was found in the way libssh generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters...

Moderate: Red Hat Security Advisory: libssh security update

An update for libssh is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

openSUSE Security Update : libssh (openSUSE-2016-394)

This update for libssh fixes the following issues : - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875 This fix was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in th...

Fedora 22 : libssh-0.7.3-1.fc22 (2016-dc9e8da03c)

Fix CVE-2016-0739 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable Networ...

openSUSE Security Update : libssh (openSUSE-2016-328)

This update for libssh fixes the following issues : - CVE-2016-0739: Fix Weakness in diffie-hellman secret key generation. bsc965875 This update was imported from the SUSE:SLE-12:Update update project. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...

[SECURITY] Fedora 22 Update: libssh-0.7.3-1.fc22

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, tra nsfer files, use a secure and transparent tunnel for your remote...

Debian Security Advisory DSA 3488-1 (libssh - security update)

Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively...

Debian: Security Advisory (DSA-3488-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : libssh -- weak Diffie-Hellman secret generation (6b3591ea-e2d2-11e5-a6be-5453ed2e2b49)

Andreas Schneider reports : libssh versions 0.1 and above have a bits/bytes confusion bug and generate an abnormally short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 102...