27 matches found
CLSA-2026-1778745959 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: add usernamelen/passwordlen bounds checks in userauthlist and userauthpassword to prevent integer overflow when allocating the SSH USERAUTHREQUEST packet buffer...
CLSA-2026-1778247114 libssh2: Fix of CVE-2026-7598
CVE-2026-7598: fix integer overflow in userauthpassword CVE-2026-7598...
Azure Linux 3.0 Security Update: CBL-Mariner Releases (CVE-2026-7598)
The version of CBL-Mariner Releases installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2026-7598 advisory. - A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the...
SUSE CVE-2026-7598
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
libssh2 userauth.c userauth_password integer overflow
...
CVE-2026-7598
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
CVE-2026-7598
A security vulnerability has been detected in libssh2 up to 1.11.1. The impacted element is the function userauthpassword of the file src/userauth.c. Such manipulation of the argument usernamelen/passwordlen leads to integer overflow. The attack may be launched remotely. The name of the patch is...
EUVD-2002-2383
Malware in sbrugna...
CVE-2002-2405
Check Point FireWall-1 4.1 and Next Generation NG, with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall...
SUSE CVE-2006-4925
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service crash by sending an invalid protocol sequence with USERAUTHSUCCESS before NEWKEYS, which causes newkeysmode to be NULL...
Fedora Update for libssh2 FEDORA-2019-5885663621
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: libssh2-1.9.0-1.fc29
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 30 Update: libssh2-1.9.0-1.fc30
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 28 Update: libssh2-1.8.1-1.fc28
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
UBUNTU-CVE-2018-15599
The recvmsguserauthrequest function in svr-auth.c in Dropbear through 2018.76 is prone to a user enumeration vulnerability because username validity affects how fields in SSHMSGUSERAUTH messages are handled, a similar issue to CVE-2018-15473 in an unrelated codebase...
[SECURITY] Fedora 22 Update: libssh2-1.5.0-2.fc22
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 23 Update: libssh2-1.6.0-4.fc23
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 20 Update: libssh2-1.5.0-1.fc20
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 21 Update: libssh2-1.5.0-1.fc21
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...
[SECURITY] Fedora 22 Update: libssh2-1.5.0-1.fc22
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS22, SECSH-USERAUTH25, SECSH-CONNECTION23, SECSH-ARCH20, SECSH-FILEXFER06, SECSH-DHGEX04, and SECSH-NUMBERS10...