377 matches found
Debian DLA-611-1 : jsch security update
It was discovered that there was a path traversal vulnerability in jsch, a pure Java implementation of the SSH2 protocol. For Debian 7 'Wheezy', this issue has been fixed in jsch version 0.1.42-2+deb7u1. We recommend that you upgrade your jsch packages. NOTE: Tenable Network Security has extracte...
DLA-611-1 jsch - security update
Bulletin has no description...
[SECURITY] Fedora 23 Update: libssh2-1.6.0-4.fc23
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] [DSA 3487-1] libssh2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3487-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 23, 2016 https://www.debian.org/security/faq -...
[SECURITY] [DLA 426-1] libssh2 security update
Package : libssh2 Version : 1.2.6-1+deb6u2 CVE ID : CVE-2016-0787 Andreas Schneider reported that libssh2, an SSH2 protocol implementation used by many applications, did not generate sufficiently long Diffie-Hellman secrets. This vulnerability could be exploited by an...
[SECURITY] [DLA 425-1] libssh security update
Package : libssh Version : 0.4.5-3+squeeze3 CVE ID : CVE-2016-0739 Aris Adamantiadis of the libssh team discovered that libssh, an SSH2 protocol implementation used by many applications, did not generate sufficiently long Diffie-Hellman secrets. This vulnerability could be...
DSA-3487-1 libssh2 - security update
Bulletin has no description...
DLA-426-1 libssh2 - security update
Bulletin has no description...
libssh2 security update
CentOS Errata and Security Advisory CESA-2015:2140 Updated libssh2 packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base scor...
Oracle Linux 7 : libssh2 (ELSA-2015-2140)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2140 advisory. - check length of data extracted from the SSHMSGKEXINIT packet CVE-2015-1782 Tenable has extracted the preceding description block directly from the Oracle Linu...
Sysax Multi Server 6.40 - SSH Component Denial of Service
''' Exploit title: Sysax Multi Server 6.40 ssh component denial of service vulnerability Date: 29-8-2015 Vendor homepage: http://www.sysax.com Software Link: http://www.sysax.com/download/sysaxservsetup.msi Version: 6.40 Author: 3unnym00n Details: ---------------------------------------------- by...
[SECURITY] Fedora 20 Update: libssh2-1.5.0-1.fc20
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
Mandriva Linux Security Advisory : libssh2 (MDVSA-2015:148-1)
Updated libssh2 packages fix security vulnerability : Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in t...
CVE-2015-2157
The 1 ssh2loaduserkey and 2 ssh2saveuserkey functions in PuTTY 0.51 through 0.63 do not properly wipe SSH-2 private keys from memory, which allows local users to obtain sensitive information by reading the memory...
Debian DLA-171-1 : libssh2 security update
Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the...
[SECURITY] Fedora 21 Update: libssh2-1.5.0-1.fc21
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 22 Update: libssh2-1.5.0-1.fc22
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] [DSA 3182-1] libssh2 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3182-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso March 11, 2015 http://www.debian.org/security/faq -...
[SECURITY] [DLA 171-1] libssh2 security update
Package : libssh2 Version : 1.2.6-1+deb6u1 CVE ID : CVE-2015-1782 Debian Bug : 780249 Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSHMSGKEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A...
DLA-171-1 libssh2 - security update
Bulletin has no description...