Double free

Multiple double free vulnerabilities in the 1 agentsigndata function in agent.c, 2 channelrequest function in channels.c, 3 sshuserauthpubkey function in auth.c, 4 sftpparseattr3 function in sftp.c, and 5 trypublickeyfromfile function in keyfiles.c in libssh before 0.5.3 allow remote attackers to...

Buffer overflow

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via unspecified vectors...

CVE-2012-4559

Multiple double free vulnerabilities in the 1 agentsigndata function in agent.c, 2 channelrequest function in channels.c, 3 sshuserauthpubkey function in auth.c, 4 sftpparseattr3 function in sftp.c, and 5 trypublickeyfromfile function in keyfiles.c in libssh before 0.5.3 allow remote attackers to...

CVE-2012-4560

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via unspecified vectors...

CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

CVE-2012-4562

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service infinite loop or crash and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified vulnerabilities...

CVE-2012-6063

Double free vulnerability in the sftpmkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559...

CVE-2012-4559

CVE-2012-4559 applies to the libssh library. The issue comprises multiple double-free vulnerabilities in components of libssh (e.g., agent_sign_data, channel_request, ssh_userauth_pubkey, sftp_parse_attr_3, and keyfiles.c) that could cause a crash and potentially allow arbitrary code execution. A...

CVE-2012-6063

Technical details about CVE-2012-6063 (affected software, root cause, impact, and fixes) are not publicly provided in the supplied documents. Monitor for updates in connected advisories.

CVE-2012-4562

CVE-2012-4562 : The provided documents confirm a vulnerability in libssh involving multiple buffer overflow, double-free, and integer overflow issues. The root cause is memory-management/overflow flaws in libssh up to version 0.5.2, allowing a remote attacker to potentially crash the service or e...

CVE-2012-4561

Libssh: CVE-2012-4561 in libssh prior to 0.5.3 is caused by memory-management issues that free an invalid pointer on an error path, potentially enabling remote denial of service (crash). Several connected advisories also reference related CVEs (4559, 4560, 4562) and note memory-management flaws w...

CVE-2012-4560

CVE-2012-4560 refers to multiple memory-management vulnerabilities in libssh, including buffer overflows, reported in versions prior to 0.5.3. The public description notes that these flaws could allow a remote attacker to crash the library or possibly execute arbitrary code via unspecified vector...

CVE-2012-4562

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service infinite loop or crash and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified vulnerabilities...

CVE-2012-4561

The 1 publickeymakedss, 2 publickeymakersa, 3 signaturefromstring, 4 sshdosign, and 5 sshsignsessionid functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service crash via unspecified vectors...

CVE-2012-4559

Multiple double free vulnerabilities in the 1 agentsigndata function in agent.c, 2 channelrequest function in channels.c, 3 sshuserauthpubkey function in auth.c, 4 sftpparseattr3 function in sftp.c, and 5 trypublickeyfromfile function in keyfiles.c in libssh before 0.5.3 allow remote attackers to...

CVE-2012-6063

Double free vulnerability in the sftpmkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559...

Mandriva Linux Security Advisory : libssh (MDVSA-2012:175)

Multiple double free, buffer overflow, invalid free and improper overflow checks vulnerabilities was found and corrected in libssh CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562. The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues...

Ubuntu Update for libssh USN-1640-1

Ubuntu Update for Linux kernel vulnerabilities USN-1640-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN16401.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for libssh USN-1640-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Fedora 17 : libssh-0.5.3-1.fc17 (2012-18677)

This is an important SECURITY and maintenance release in order to address CVE-2012-4559, CVE-2012-4560, CVE-2012-4561 and CVE-2012-4562. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Fedora Update for libssh FEDORA-2012-18677

Check for the Version of libssh OpenVAS Vulnerability Test Fedora Update for libssh FEDORA-2012-18677 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...