6 matches found
K15504: OpenSSH vulnerability CVE-2014-1692
Security Advisory Description The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecifie...
OpenSSH 'schnorr.c' Remote Memory Corruption Vulnerability
OpenSSH is prone to a remote memory-corruption vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...
OpenSSH 'schnorr.c'远程内存破坏漏洞
BUGTRAQ ID: 65230 CVECAN ID: CVE-2014-1692 OpenSSH是SSH协议的开源实现。 OpenSSH 6.4版本及之前版本,如果Makefile.inc修改为启用J-PAKE协议,schnorr.c内的hashbuffer函数就不会初始化某些数据结构,这可使远程攻击者造成拒绝服务(内存破坏)。 0 OpenSSH OpenSSH 6.4 厂商补丁: OpenSSH ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.openssh.com/...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
Design/Logic Flaw
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...
CVE-2014-1692
The hashbuffer function in schnorr.c in OpenSSH through 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of service memory corruption or have unspecified other impact via vectors tha...