Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:61681
HistoryMar 07, 2014 - 12:00 a.m.

Libssh随机号码生成器漏洞(CVE-2014-0017)

2014-03-0700:00:00
Root
www.seebug.org
22

0.0004 Low

EPSS

Percentile

5.7%

JSON

BUGTRAQ ID: 65963
CVE(CAN) ID: CVE-2014-0017

libssh 是一个用以访问SSH服务的C语言开发包,通过它可以执行远程命令、文件传输,同时为远程的程序提供安全的传输通道。

Libssh 0.6.3之前版本工作流处理新请求时没有正确初始化PRNG状态,攻击者通过中间人攻击,利用此漏洞可获取并操纵用户的通讯。
0
libssh libssh < 0.6.3
厂商补丁:

libssh

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/

Related

fedora 4
openvas 13
nessus 11
ubuntucve 1
debian 1
altlinux 3
debiancve 1
gentoo 1
ubuntu 1
osv 1
securityvulns 2
cvelist 1
cve 1
mageia 1
prion 1
freebsd 1
slackware 1
fedora
fedora
[SECURITY] Fedora 20 Update: libssh-0.6.3-1.fc20
2014-03-07 06:38:59
[SECURITY] Fedora 19 Update: libssh-0.6.3-1.fc19
2014-03-15 15:21:52
[SECURITY] Fedora 20 Update: libssh-0.6.4-1.fc20
2015-01-03 19:10:54
openvas
openvas
Fedora Update for libssh FEDORA-2014-3473
2014-03-12 00:00:00
Ubuntu: Security Advisory (USN-2145-1)
2014-03-17 00:00:00
Fedora Update for libssh FEDORA-2014-3473
2014-03-12 00:00:00
nessus
nessus
Ubuntu 12.04 LTS / 12.10 / 13.10 : libssh vulnerability (USN-2145-1)
2014-03-13 00:00:00
GLSA-201408-03 : LibSSH: Information disclosure
2014-08-11 00:00:00
Mandriva Linux Security Advisory : libssh (MDVSA-2014:053)
2014-03-14 00:00:00
ubuntucve
ubuntucve
CVE-2014-0017
2014-03-05 00:00:00
debian
debian
[SECURITY] [DSA 2879-1] libssh security update
2014-03-13 21:55:59
altlinux
altlinux
Security fix for the ALT Linux 8 package libssh version 0.6.3-alt1
2014-03-25 00:00:00
Security fix for the ALT Linux 7 package libssh version 0.6.3-alt1
2014-03-25 00:00:00
Security fix for the ALT Linux 9 package libssh version 0.6.3-alt1
2014-03-25 00:00:00
debiancve
debiancve
CVE-2014-0017
2014-03-14 15:55:00
gentoo
gentoo
LibSSH: Information disclosure
2014-08-10 00:00:00
ubuntu
ubuntu
libssh vulnerability
2014-03-12 00:00:00
osv
osv
libssh - security update
2014-03-13 00:00:00
securityvulns
securityvulns
[USN-2145-1] libssh vulnerability
2014-03-13 00:00:00
libssh PRNG attacks
2014-03-13 00:00:00
cvelist
cvelist
CVE-2014-0017
2014-03-14 15:00:00
cve
cve
CVE-2014-0017
2014-03-14 15:55:00
mageia
mageia
Updated libssh package fixes security vulnerability
2014-03-06 03:17:12
prion
prion
Cross site request forgery (csrf)
2014-03-14 15:55:00
freebsd
freebsd
libssh -- PRNG state reuse on forking servers
2014-03-05 00:00:00
slackware
slackware
[slackware-security] libssh
2015-04-22 01:20:42

0.0004 Low

EPSS

Percentile

5.7%

JSON
Related for SSV:61681
fedora4openvas13nessus11ubuntucve1debian1altlinux3debiancve1gentoo1ubuntu1osv1securityvulns2cvelist1cve1mageia1prion1freebsd1slackware1