9 matches found
RHEL 6 : libssh (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 - A flaw was found in the libssh...
K000138682: libssh vulnerability CVE-2023-2283
Security Advisory Description A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The...
EulerOS Virtualization 2.11.0 : libssh (EulerOS-SA-2023-2759)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated...
Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...
EulerOS 2.0 SP9 : libssh (EulerOS-SA-2023-2586)
According to the versions of the libssh package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found In libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a...
Moderate: libssh security update
libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. Security Fixes: libssh: NULL pointer dereference during rekeying with algorithm guessing CVE-2023-1667 libssh: authorization bypass in pkiverifydatasignature CVE-2023-2283 For more...
Authentication flaw
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in thepkiverifydatasignature function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the retu...
CVE-2023-2283
CVE-2023-2283 affects libssh. The issue is in pki_verify_data_signature where memory allocation problems can bypass authentication, potentially allowing an SSH session to be established when it should be denied (impact noted by F5 for BIG-IP, NEXT, Traffix SDC, etc.). Affected code path involves ...
Updated libssh packages fix security vulnerability
Potential NULL dereference during rekeying with algorithm guessing. CVE-2023-1667 Authorization bypass in pkiverifydatasignature. CVE-2023-2283...