Vulnerabilities related to libssh2 - libssh2
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
redhat | enterprise_linux | 8.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_aus | 7.6 | |
redhat | enterprise_linux_server_eus | 7.6 | |
redhat | enterprise_linux_server_tus | 7.6 | |
redhat | enterprise_linux_workstation | 7.0 | |
opensuse | leap | 42.3 | |
apple | xcode | * | |
oracle | peoplesoft_enterprise_peopletools | 8.56 | |
oracle | peoplesoft_enterprise_peopletools | 8.57 | |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "23E074D8-B71C-4C02-9383-F419F9C6EFB2", versionEndExcluding: "1.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*", matchCriteriaId: "3AA08768-75AF-4791-B229-AE938C780959", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: 
"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apple:xcode:*:*:*:*:*:*:*:*", matchCriteriaId: "8B0ADF4A-CFD7-4719-8713-07E9069169F7", versionEndExcluding: "11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, { lang: "es", value: "Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que los paquetes se leen desde el servidor. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de ejecutar código en el sistema del cliente cuando un usuario se conecta al servidor", }, ], id: "CVE-2019-3855", lastModified: "2024-11-21T04:42:43.427", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T21:29:00.433", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Sep/42", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", 
url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/49", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210609", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3855.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", 
tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2019/Sep/42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Sep/49", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT210609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ 
"Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3855.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 | |
redhat | enterprise_linux | 8.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_aus | 7.6 | |
redhat | enterprise_linux_server_eus | 7.6 | |
redhat | enterprise_linux_server_tus | 7.6 | |
redhat | enterprise_linux_workstation | 7.0 | |
fedoraproject | fedora | 28 | |
oracle | peoplesoft_enterprise_peopletools | 8.56 | |
oracle | peoplesoft_enterprise_peopletools | 8.57 | |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "E9E8E9B8-66F3-4F0E-98E5-6D41E9A01EE0", versionEndIncluding: "1.8.0", versionStartIncluding: "1.2.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*", matchCriteriaId: "3AA08768-75AF-4791-B229-AE938C780959", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", 
vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, { lang: "es", value: "Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paquetes SSH_MSG_CHANNEL_REQUEST con una señal de salida. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de ejecutar código en el sistema del cliente cuando un usuario se conecta al servidor.", }, ], id: "CVE-2019-3857", lastModified: "2024-11-21T04:42:43.817", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T19:29:01.837", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3857.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: 
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { 
source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3857.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
debian | debian_linux | 8.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 | |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "3210C407-595D-475C-B431-40014D8A2947", versionEndIncluding: "1.8.0", versionStartIncluding: "0.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, { lang: "es", value: "Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paquetes SFTP con cargas útiles vacías. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente.", }, ], id: "CVE-2019-3860", lastModified: "2024-11-21T04:42:44.327", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T19:29:01.883", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3860.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: 
"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3860.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
debian | debian_linux | 7.0 | |
libssh2 | libssh2 | * | |
fedoraproject | fedora | 20 | |
fedoraproject | fedora | 21 | |
fedoraproject | fedora | 22 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "BB9BE688-0304-45AF-BB8C-398B8B5E78D6", versionEndIncluding: "1.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*", matchCriteriaId: "FF47C9F0-D8DA-4B55-89EB-9B2C9383ADB9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*", matchCriteriaId: "56BDB5A0-0839-4A20-A003-B8CD56F48171", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.", }, { lang: "es", value: "La función kex_agree_methods en libssh2 anterior a 1.5.0 permite a servidores remotos causar una denegación de servicio (caída) o tener otro impacto sin especificar a través de valores de longitud modificados en un paquete SSH_MSG_KEXINIT.", }, ], id: "CVE-2015-1782", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, 
obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2015-03-13T14:59:00.083", references: [ { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3182", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://www.libssh2.org/adv_20150311.html", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:148", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/73061", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2015/dsa-3182", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: 
"http://www.libssh2.org/adv_20150311.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:148", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/73061", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
fedoraproject | fedora | 29 | |
debian | debian_linux | 8.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "23E074D8-B71C-4C02-9383-F419F9C6EFB2", versionEndExcluding: "1.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, { lang: "es", value: "Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, cuando un paquete SFTP especialmente manipulado se recibe desde el servidor. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente.", }, ], id: "CVE-2019-3858", lastModified: "2024-11-21T04:42:43.997", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T21:29:00.573", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "secalert@redhat.com", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", 
tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3858.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3858.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:1.10.0:*:*:*:*:*:*:*", matchCriteriaId: "F25E23F0-5D4C-4436-A262-EC251272FDA4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 that allows attackers to access out of bounds memory.", }, ], id: "CVE-2020-22218", lastModified: "2024-11-21T05:13:11.797", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-08-22T19:16:19.120", references: [ { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libssh2/libssh2/pull/476", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20231006-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", ], url: "https://github.com/libssh2/libssh2/pull/476", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20231006-0002/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
8.8 (High) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
debian | debian_linux | 8.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_aus | 7.6 | |
redhat | enterprise_linux_server_eus | 7.6 | |
redhat | enterprise_linux_server_tus | 7.6 | |
redhat | enterprise_linux_workstation | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "23E074D8-B71C-4C02-9383-F419F9C6EFB2", versionEndExcluding: "1.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], 
negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A flaw was found in libssh2 before 1.8.1. A server could send multiple keyboard interactive response messages whose total length is greater than unsigned char max characters. This value is used as an index to copy memory, causing an out of bounds memory write error.", }, { lang: "es", value: "Se ha descubierto un problema en versiones anteriores a la 1.8.1 de libssh2. Un servidor podría enviar múltiples mensajes de respuesta interactiva mediante teclado cuya longitud total es mayor que los caracteres no firmados char max. El valor se utiliza como índice para copiar memoria causando un error de escritura de memoria fuera de límites.", }, ], id: "CVE-2019-3863", lastModified: "2024-11-21T04:42:44.777", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", 
privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T18:29:01.590", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", url: 
"https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3863.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Apr/25", }, 
{ source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3863.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
fedoraproject | fedora | 22 | |
fedoraproject | fedora | 23 | |
opensuse | opensuse | 13.2 | |
libssh2 | libssh2 | * | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", matchCriteriaId: "253C303A-E577-4488-93E6-68A8DD942C38", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", matchCriteriaId: "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", matchCriteriaId: "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "D67987A0-3291-477D-B62B-31DFB7BC3E92", versionEndIncluding: "1.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\"", }, { lang: "es", value: "La función diffie_hellman_sha256 en kex.c en libssh2 en versiones anteriores a 1.7.0 trunca de manera incorrecta secretos a 128 o 256 bits, lo que hace más fácil para atacantes man-in-the-middle descifrar o interceptar sesiones SSH a través de vectores no especificados, también conocido como \"bits/bytes confusion bug\".", }, ], id: "CVE-2016-0787", lastModified: "2025-04-12T10:46:40.837", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { 
accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.0", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-04-13T17:59:10.930", references: [ { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2016/dsa-3487", }, { source: "secalert@redhat.com", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/82514", }, { source: "secalert@redhat.com", url: "https://bto.bluecoat.com/security-advisory/sa120", }, { source: "secalert@redhat.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", }, { source: "secalert@redhat.com", url: "https://puppet.com/security/cve/CVE-2016-0787", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"https://security.gentoo.org/glsa/201606-12", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "https://www.libssh2.org/CVE-2016-0787.patch", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.libssh2.org/adv_20160223.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2016/dsa-3487", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/82514", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bto.bluecoat.com/security-advisory/sa120", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://puppet.com/security/cve/CVE-2016-0787", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201606-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://www.libssh2.org/CVE-2016-0787.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.libssh2.org/adv_20160223.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
fedoraproject | fedora | 28 | |
fedoraproject | fedora | 29 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "23E074D8-B71C-4C02-9383-F419F9C6EFB2", versionEndExcluding: "1.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. 
A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, { lang: "es", value: "Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en las funciones _libssh2_packet_require y _libssh2_packet_requirev. Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente.", }, ], id: "CVE-2019-3859", lastModified: "2024-11-21T04:42:44.157", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: 
"2019-03-21T16:01:04.843", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html", }, { source: "secalert@redhat.com", url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: 
"secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3859.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: 
"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: 
[ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3859.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
debian | debian_linux | 8.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "FD6BFD30-9730-4488-9357-CDF655C6BCF1", versionEndIncluding: "1.8.0", versionStartIncluding: "0.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, { lang: "es", value: "Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paquetes SSH con un valor de longitud de relleno mayor que el propio paquete. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente.", }, ], id: "CVE-2019-3861", lastModified: "2024-11-21T04:42:44.473", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 3.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T19:29:01.930", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3861.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3861.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
fedoraproject | fedora | 29 | |
fedoraproject | fedora | 30 | |
netapp | cloud_backup | - | |
netapp | e-series_santricity_os_controller | * | |
netapp | ontap_select_deploy_administration_utility | - | |
f5 | traffix_systems_signaling_delivery_controller | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "CD7E9884-7423-47AE-A5B2-1F2853D93125", versionEndExcluding: "1.9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*", matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "FF971916-C526-43A9-BD80-985BCC476569", versionEndIncluding: "11.70.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:f5:traffix_systems_signaling_delivery_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "A87510FE-775A-44FB-9792-074CD5DE5C38", versionEndIncluding: "5.1.0", versionStartIncluding: "5.0.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in 
kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.", }, { lang: "es", value: "En libssh2 anterior a la versión 1.9.0, la función kex_method_diffie_hellman_group_exchange_sha256_key_exchange en kex.c presenta un desbordamiento de enteros que podría conllevar a una lectura fuera de límites en la manera en que se leen los paquetes desde el servidor. Un atacante remoto que comprometa un servidor SSH podría ser capaz de revelar información confidencial o causar una condición de denegación de servicio en el sistema cliente cuando un usuario se conecta al servidor. Esto está relacionado con un error de _libssh2_check_length y es diferente de los diversos problemas corregidos en la versión 1.8.1, tal y como el CVE-2019-3855.", }, ], id: "CVE-2019-13115", lastModified: "2024-11-21T04:24:13.313", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: 
"3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-07-16T18:15:13.287", references: [ { source: "cve@mitre.org", url: "http://packetstormsecurity.com/files/172834/libssh2-1.8.2-Out-Of-Bounds-Read.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.semmle.com/libssh2-integer-overflow/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/pull/350", }, { source: "cve@mitre.org", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://libssh2.org/changes.html", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "cve@mitre.org", url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: 
"https://security.netapp.com/advisory/ntap-20190806-0002/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K13322484", }, { source: "cve@mitre.org", url: "https://support.f5.com/csp/article/K13322484?utm_source=f5support&%3Butm_medium=RSS", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/172834/libssh2-1.8.2-Out-Of-Bounds-Read.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://blog.semmle.com/libssh2-integer-overflow/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/pull/350", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", "Vendor Advisory", ], url: "https://libssh2.org/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190806-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.f5.com/csp/article/K13322484", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://support.f5.com/csp/article/K13322484?utm_source=f5support&%3Butm_medium=RSS", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-125", }, { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
fedoraproject | fedora | 30 | |
fedoraproject | fedora | 31 | |
opensuse | leap | 15.1 | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | active_iq_unified_manager | - | |
netapp | element_software | - | |
netapp | hci_management_node | - | |
netapp | ontap_select_deploy_administration_utility | - | |
netapp | solidfire | - | |
netapp | bootstrap_os | - | |
netapp | hci_compute_node | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "D0F2D0AA-AFDD-41A2-8172-EEB203227E5D", versionEndIncluding: "1.9.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*", matchCriteriaId: "85DF4B3F-4BBC-42B7-B729-096934523D63", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { 
cpeMatch: [ { criteria: "cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*", matchCriteriaId: "95BA156C-C977-4F0C-8DFB-3FAE9CC8C02D", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.", }, { lang: "es", value: "En libssh2 versión v1.9.0 y anteriores, la lógica de la función SSH_MSG_DISCONNECT en el archivo packet.c presenta un desbordamiento de enteros en una comprobación de límites, lo que permite a un atacante especificar un desplazamiento arbitrario (fuera de límites) para una lectura de memoria posterior. 
Un servidor SSH diseñado puede ser capaz de revelar información confidencial o causar una condición de denegación de servicio en el sistema del cliente cuando un usuario conecta con el servidor.", }, ], id: "CVE-2019-17498", lastModified: "2024-11-21T04:32:22.850", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.1, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-10-21T22:15:10.523", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", }, { source: "cve@mitre.org", url: "http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", }, { source: "cve@mitre.org", tags: [ 
"Exploit", "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { source: "cve@mitre.org", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220909-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ 
"Exploit", "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220909-0004/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*", matchCriteriaId: "5308FBBB-F738-41C5-97A4-E40118E957CD", versionEndExcluding: "9.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", matchCriteriaId: "A9D807DB-9E20-4792-8A9F-4BFFC841BAB7", versionEndExcluding: "0.80", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*", matchCriteriaId: "42915485-A4DA-48DD-9C15-415D2D39DC52", versionEndExcluding: "3.66.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*", matchCriteriaId: "9F37C9AC-185F-403A-A79B-2D5C8E11AFC4", versionEndIncluding: "11.1.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:panic:transmit_5:*:*:*:*:*:*:*:*", matchCriteriaId: "31FFE0AA-FC25-40DE-8EE9-7F4C80ABDE4F", versionEndExcluding: "5.10.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*", matchCriteriaId: "387021A0-AF36-463C-A605-32EA7DAC172E", vulnerable: false, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:a:panic:nova:*:*:*:*:*:*:*:*", matchCriteriaId: "F2FCF7EF-97D7-44CF-AC74-72D856901755", versionEndExcluding: "11.8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:roumenpetrov:pkixssh:*:*:*:*:*:*:*:*", matchCriteriaId: "53CAD263-1C60-43BD-86A2-C8DB15FFB4C6", versionEndExcluding: 
"14.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", matchCriteriaId: "8FA57F20-C9C1-40A7-B2CD-F3440CCF1D66", versionEndExcluding: "6.2.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bitvise:ssh_client:*:*:*:*:*:*:*:*", matchCriteriaId: "6209E375-10C7-4E65-A2E7-455A686717AC", versionEndExcluding: "9.33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:bitvise:ssh_server:*:*:*:*:*:*:*:*", matchCriteriaId: "1A05CC3C-19C5-4BAA-ABA2-EE1795E0BE81", versionEndExcluding: "9.32", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos:*:*:*:*:*:*:*:*", matchCriteriaId: "3A71B523-0778-46C6-A38B-64452E0BB6E7", versionEndIncluding: "3.66.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos_fx:-:*:*:*:*:*:*:*", matchCriteriaId: "F1C91308-15E5-40AF-B4D5-3CAD7BC65DDF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos_lx:-:*:*:*:*:*:*:*", matchCriteriaId: "418940E3-6DD1-4AA6-846A-03E059D0C681", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lcos_sx:4.20:*:*:*:*:*:*:*", matchCriteriaId: "411BA58A-33B6-44CA-B9D6-7F9042D46961", vulnerable: true, }, { criteria: "cpe:2.3:o:lancom-systems:lcos_sx:5.20:*:*:*:*:*:*:*", matchCriteriaId: "FA17A153-30E4-4731-8706-8F74FCA50993", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:lancom-systems:lanconfig:-:*:*:*:*:*:*:*", matchCriteriaId: "FB736F57-9BE3-4457-A10E-FA88D0932154", vulnerable: true, }, ], negate: false, operator: "OR", }, ], 
}, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:vandyke:securecrt:*:*:*:*:*:*:*:*", matchCriteriaId: "6EB8D02D-87F3-414D-A3EA-43F594DAAC1B", versionEndExcluding: "9.4.3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*", matchCriteriaId: "AAB481DA-FBFE-4CC2-9AE7-22025FA07494", versionEndExcluding: "0.10.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:net-ssh:net-ssh:7.2.0:*:*:*:*:ruby:*:*", matchCriteriaId: "3D6FD459-F8E8-4126-8097-D30B4639404A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ssh2_project:ssh2:*:*:*:*:*:node.js:*:*", matchCriteriaId: "69510F52-C699-4E7D-87EF-7000682888F0", versionEndIncluding: "1.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:proftpd:proftpd:*:*:*:*:*:*:*:*", matchCriteriaId: "9461430B-3709-45B6-8858-2101F5AE4481", versionEndIncluding: "1.3.8b", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:freebsd:freebsd:*:*:*:*:*:*:*:*", matchCriteriaId: "B9A01DF3-E20E-4F29-B5CF-DDF717D01E74", versionEndIncluding: "12.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:crates:thrussh:*:*:*:*:*:*:*:*", matchCriteriaId: "D25EB73D-6145-4B7D-8F14-80FD0B458E99", versionEndExcluding: "0.35.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tera_term_project:tera_term:*:*:*:*:*:*:*:*", matchCriteriaId: "77594DEC-B5F7-4911-A13D-FFE91C74BAFA", versionEndIncluding: "5.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oryx-embedded:cyclone_ssh:*:*:*:*:*:*:*:*", matchCriteriaId: 
"F8FF7E74-2351-4CD9-B717-FA28893293A1", versionEndExcluding: "2.3.4", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*", matchCriteriaId: "82A93C12-FEB6-4E82-B283-0ED7820D807E", versionEndIncluding: "10.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netsarang:xshell_7:*:*:*:*:*:*:*:*", matchCriteriaId: "B480AE79-2FA1-4281-9F0D-0DE812B9354D", versionEndExcluding: "build__0144", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:paramiko:paramiko:*:*:*:*:*:*:*:*", matchCriteriaId: "826B6323-06F8-4B96-8771-3FA15A727B08", versionEndExcluding: "3.4.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*", matchCriteriaId: "932D137F-528B-4526-9A89-CD59FA1AB0FE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*", matchCriteriaId: "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*", matchCriteriaId: "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:openstack_platform:17.1:*:*:*:*:*:*:*", matchCriteriaId: "E315FC5C-FF19-43C9-A58A-CF2A5FF13824", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:ceph_storage:6.0:*:*:*:*:*:*:*", matchCriteriaId: "FA7EAD12-E398-44AF-9859-F3CA6C63BA6B", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943", vulnerable: true, }, { criteria: 
"cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "7F6FB57C-2BC7-487C-96DD-132683AEB35D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_serverless:-:*:*:*:*:*:*:*", matchCriteriaId: "77675CB7-67D7-44E9-B7FF-D224B3341AA5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_gitops:-:*:*:*:*:*:*:*", matchCriteriaId: "C0AAA300-691A-4957-8B69-F6888CC971B1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_pipelines:-:*:*:*:*:*:*:*", matchCriteriaId: "45937289-2D64-47CB-A750-5B4F0D4664A0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_developer_tools_and_services:-:*:*:*:*:*:*:*", matchCriteriaId: "97321212-0E07-4CC2-A917-7B5F61AB9A5A", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_data_foundation:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0E2C021C-A9F0-4EB4-ADED-81D8B57B4563", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_api_for_data_protection:-:*:*:*:*:*:*:*", matchCriteriaId: "7BF8EFFB-5686-4F28-A68F-1A8854E098CE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_virtualization:4:*:*:*:*:*:*:*", matchCriteriaId: "9C877879-B84B-471C-80CF-0656521CA8AB", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:storage:3.0:*:*:*:*:*:*:*", matchCriteriaId: "379A5883-F6DF-41F5-9403-8D17F6605737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:a:redhat:discovery:-:*:*:*:*:*:*:*", matchCriteriaId: "B5B1D946-5978-4818-BF21-A43D9C1365E1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:openshift_dev_spaces:-:*:*:*:*:*:*:*", matchCriteriaId: "99B8A88B-0B31-4CFF-AFD7-C9D3DDD5790D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:cert-manager_operator_for_red_hat_openshift:-:*:*:*:*:*:*:*", matchCriteriaId: "6D5A7736-A403-4617-8790-18E46CB74DA6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:keycloak:-:*:*:*:*:*:*:*", matchCriteriaId: "6E0DE4E1-5D8D-40F3-8AC8-C7F736966158", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*", matchCriteriaId: "88BF3B2C-B121-483A-AEF2-8082F6DA5310", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:single_sign-on:7.0:*:*:*:*:*:*:*", matchCriteriaId: "9EFEC7CA-8DDA-48A6-A7B6-1F1D14792890", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:3.0:*:*:*:*:*:*:*", matchCriteriaId: "F0FD736A-8730-446A-BA3A-7B608DB62B0E", vulnerable: true, }, { criteria: "cpe:2.3:a:redhat:advanced_cluster_security:4.0:*:*:*:*:*:*:*", matchCriteriaId: "F4C504B6-3902-46E2-82B7-48AEC9CDD48D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:golang:crypto:*:*:*:*:*:*:*:*", matchCriteriaId: "F92E56DF-98DF-4328-B37E-4D5744E4103D", versionEndExcluding: "0.17.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:russh_project:russh:*:*:*:*:*:rust:*:*", matchCriteriaId: 
"AC12508E-3C31-44EA-B4F3-29316BE9B189", versionEndExcluding: "0.40.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:sftpgo_project:sftpgo:*:*:*:*:*:*:*:*", matchCriteriaId: "1750028C-698D-4E84-B727-8A155A46ADEB", versionEndExcluding: "2.5.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:erlang:erlang\\/otp:*:*:*:*:*:*:*:*", matchCriteriaId: "3A9A8E99-7F4A-4B74-B86B-8B3E8B2A8776", versionEndExcluding: "26.2.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:matez:jsch:*:*:*:*:*:*:*:*", matchCriteriaId: "61119DB3-4336-4D3B-863A-0CCF4146E5C1", versionEndExcluding: "0.2.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "7BFDD272-3DF0-4E3F-B69A-E7ABF4B18B24", versionEndExcluding: "1.11.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:asyncssh_project:asyncssh:*:*:*:*:*:*:*:*", matchCriteriaId: "FAE46983-0ABC-49F7-AC18-A78FAC7E73AA", versionEndExcluding: "2.14.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:dropbear_ssh_project:dropbear_ssh:*:*:*:*:*:*:*:*", matchCriteriaId: "06BF3368-F232-4E6B-883E-A591EED5C827", versionEndExcluding: "2022.83", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:jadaptive:maverick_synergy_java_ssh_api:*:*:*:*:*:*:*:*", matchCriteriaId: "36531FB6-5682-4BF1-9785-E9D6D1C4207B", versionEndExcluding: "3.1.0-snapshot", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ssh:ssh:*:*:*:*:*:*:*:*", matchCriteriaId: "514ED687-0D7B-479B-82C5-7EB1A5EEC94C", versionEndExcluding: "5.11", 
vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:thorntech:sftp_gateway_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "83B1AF39-C0B9-4031-B19A-BDDD4F337273", versionEndExcluding: "3.4.6", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netgate:pfsense_plus:*:*:*:*:*:*:*:*", matchCriteriaId: "2B71B0EF-888E-45E2-A055-F59CDCC1AFC7", versionEndIncluding: "23.09.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netgate:pfsense_ce:*:*:*:*:*:*:*:*", matchCriteriaId: "8F23CDF7-2881-4B4E-B84F-4E04F4ED8CCF", versionEndIncluding: "2.7.2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:crushftp:crushftp:*:*:*:*:*:*:*:*", matchCriteriaId: "C1795F7A-203F-400E-B09C-0FAF16D01CFC", versionEndExcluding: "10.6.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:connectbot:sshlib:*:*:*:*:*:*:*:*", matchCriteriaId: "0D79DDDD-02F0-4C12-BE7F-1B9DF1722C7A", versionEndExcluding: "2.2.22", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:sshd:*:*:*:*:*:*:*:*", matchCriteriaId: "E2D7B0CA-C01F-4296-9425-48299E3889C5", versionEndIncluding: "2.11.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:apache:sshj:*:*:*:*:*:*:*:*", matchCriteriaId: "1C3EB0B8-9E76-4146-AB02-02E20B91D55C", versionEndIncluding: "0.37.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:tinyssh:tinyssh:*:*:*:*:*:*:*:*", matchCriteriaId: "0582468A-149B-429F-978A-2AEDF4BE2606", versionEndIncluding: "20230101", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: 
"cpe:2.3:a:trilead:ssh2:6401:*:*:*:*:*:*:*", matchCriteriaId: "7E4BAF06-5A79-46D7-8C4F-E670BD6B7C2D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:9bis:kitty:*:*:*:*:*:*:*:*", matchCriteriaId: "98321BF9-5E8F-4836-842C-47713B1C2775", versionEndIncluding: "0.76.1.13", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:gentoo:security:-:*:*:*:*:*:*:*", matchCriteriaId: "76BDAFDE-4515-42E6-820F-38AF4A786CF2", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:-:*:*:*:*:*:*:*", matchCriteriaId: "5920923E-0D52-44E5-801D-10B82846ED58", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", matchCriteriaId: "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", vulnerable: true, }, { criteria: "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", matchCriteriaId: "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*", matchCriteriaId: "73160D1F-755B-46D2-969F-DF8E43BB1099", versionEndExcluding: "14.4", versionStartIncluding: "14.0", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some 
security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.", }, { lang: "es", value: "El protocolo de transporte SSH con ciertas extensiones OpenSSH, que se encuentra en OpenSSH anterior a 9.6 y otros productos, permite a atacantes remotos eludir las comprobaciones de integridad de modo que algunos paquetes se omiten (del mensaje de negociación de extensión) y, en consecuencia, un cliente y 
un servidor pueden terminar con una conexión para la cual algunas características de seguridad han sido degradadas o deshabilitadas, también conocido como un ataque Terrapin. Esto ocurre porque SSH Binary Packet Protocol (BPP), implementado por estas extensiones, maneja mal la fase de protocolo de enlace y el uso de números de secuencia. Por ejemplo, existe un ataque eficaz contra ChaCha20-Poly1305 (y CBC con Encrypt-then-MAC). La omisión se produce en chacha20-poly1305@openssh.com y (si se utiliza CBC) en los algoritmos MAC -etm@openssh.com. Esto también afecta a Maverick Synergy Java SSH API anterior a 3.1.0-SNAPSHOT, Dropbear hasta 2022.83, Ssh anterior a 5.1.1 en Erlang/OTP, PuTTY anterior a 0.80 y AsyncSSH anterior a 2.14.2; y podría haber efectos en Bitvise SSH hasta la versión 9.31, libssh hasta la 0.10.5 y golang.org/x/crypto hasta el 17 de diciembre de 2023.", }, ], id: "CVE-2023-48795", lastModified: "2024-12-02T14:54:27.177", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2023-12-18T16:15:10.897", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: 
"http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Mitigation", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugs.gentoo.org/920280", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://crates.io/crates/thrussh/versions", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://filezilla-project.org/versions.php", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { source: "cve@mitre.org", 
tags: [ "Patch", ], url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/apache/mina-sshd/issues/445", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/cyd01/KiTTY/issues/520", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/hierynomus/sshj/issues/916", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/janmojzis/tinyssh/issues/81", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { source: "cve@mitre.org", tags: [ "Mitigation", ], url: "https://github.com/libssh2/libssh2/pull/1291", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: 
"https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { source: "cve@mitre.org", tags: [ "Product", ], url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/mwiede/jsch/issues/457", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/mwiede/jsch/pull/461", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://github.com/openssh/openssh-portable/commits/master", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/paramiko/paramiko/issues/2337", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/proftpd/proftpd/issues/456", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/rapier1/hpn-ssh/releases", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/tags", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { source: 
"cve@mitre.org", tags: [ "Release Notes", ], url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://help.panic.com/releasenotes/transmit5/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38684904", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38685286", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: 
"https://news.ycombinator.com/item?id=38732005", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://nova.app/releases/#v11.8", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://oryx-embedded.com/download/#changelog", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://roumenpetrov.info/secsh/#news20231220", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-16", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-17", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT214084", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-48795", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: 
"https://winscp.net/eng/docs/history#6.2.2", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-client-version-history#933", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-server-version-history", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.netsarang.com/en/xshell-update-history/", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.openssh.com/openbsd.html", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.openssh.com/txt/release-9.6", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Mitigation", ], url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.paramiko.org/changelog.html", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", ], url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: 
"https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://www.terrapin-attack.com", }, { source: "cve@mitre.org", tags: [ "Press/Media Coverage", ], url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { source: "cve@mitre.org", tags: [ "Release Notes", ], url: "https://www.vandyke.com/products/securecrt/history.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: 
"https://bugs.gentoo.org/920280", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://crates.io/crates/thrussh/versions", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://filezilla-project.org/versions.php", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/apache/mina-sshd/issues/445", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/cyd01/KiTTY/issues/520", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/hierynomus/sshj/issues/916", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/janmojzis/tinyssh/issues/81", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mitigation", ], url: "https://github.com/libssh2/libssh2/pull/1291", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", ], url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/mwiede/jsch/issues/457", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/mwiede/jsch/pull/461", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://github.com/openssh/openssh-portable/commits/master", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/paramiko/paramiko/issues/2337", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://github.com/proftpd/proftpd/issues/456", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/rapier1/hpn-ssh/releases", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/ronf/asyncssh/tags", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue 
Tracking", ], url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://help.panic.com/releasenotes/transmit5/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third 
Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38684904", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38685286", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://news.ycombinator.com/item?id=38732005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://nova.app/releases/#v11.8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://oryx-embedded.com/download/#changelog", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://roumenpetrov.info/secsh/#news20231220", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: 
"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-16", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202312-17", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://support.apple.com/kb/HT214084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://ubuntu.com/security/CVE-2023-48795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://winscp.net/eng/docs/history#6.2.2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-client-version-history#933", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.bitvise.com/ssh-server-version-history", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue 
Tracking", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.netsarang.com/en/xshell-update-history/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.openssh.com/openbsd.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.openssh.com/txt/release-9.6", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Mitigation", ], url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: "https://www.paramiko.org/changelog.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://www.terrapin-attack.com", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Press/Media Coverage", ], url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Release Notes", ], url: 
"https://www.vandyke.com/products/securecrt/history.txt", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Analyzed", weaknesses: [ { description: [ { lang: "en", value: "CWE-354", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
9.1 (Critical) - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
fedoraproject | fedora | 29 | |
debian | debian_linux | 8.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 42.3 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "23E074D8-B71C-4C02-9383-F419F9C6EFB2", versionEndExcluding: "1.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An out-of-bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises an SSH server may be able to cause a Denial of Service or read data in the client memory.", }, { lang: "es", value: "Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paquetes SSH_MSG_CHANNEL_REQUEST con un mensaje de estado de salida y sin carga útil. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente.", }, ], id: "CVE-2019-3862", lastModified: "2024-11-21T04:42:44.617", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.4, source: "secalert@redhat.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.1, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.2, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-21T16:01:04.967", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "secalert@redhat.com", url: "https://access.redhat.com/errata/RHSA-2019:1884", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { source: "secalert@redhat.com", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "secalert@redhat.com", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Vendor 
Advisory", ], url: "https://www.libssh2.org/CVE-2019-3862.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "secalert@redhat.com", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", "VDB Entry", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107485", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://access.redhat.com/errata/RHSA-2019:1884", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", 
}, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Patch", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3862.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-130", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-125", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
libssh2 | libssh2 | * | |
debian | debian_linux | 8.0 | |
debian | debian_linux | 9.0 | |
netapp | ontap_select_deploy_administration_utility | - | |
opensuse | leap | 15.0 | |
opensuse | leap | 42.3 | |
redhat | enterprise_linux | 8.0 | |
redhat | enterprise_linux_desktop | 7.0 | |
redhat | enterprise_linux_server | 7.0 | |
redhat | enterprise_linux_server_aus | 7.6 | |
redhat | enterprise_linux_server_eus | 7.6 | |
redhat | enterprise_linux_server_tus | 7.6 | |
redhat | enterprise_linux_workstation | 7.0 | |
fedoraproject | fedora | 28 | |
oracle | peoplesoft_enterprise_peopletools | 8.56 | |
oracle | peoplesoft_enterprise_peopletools | 8.57 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", matchCriteriaId: "23E074D8-B71C-4C02-9383-F419F9C6EFB2", versionEndExcluding: "1.8.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*", matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*", matchCriteriaId: "3AA08768-75AF-4791-B229-AE938C780959", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*", matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*", matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "BF77CDCF-B9C9-427D-B2BF-36650FB2148C", vulnerable: true, }, { 
criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*", matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC", vulnerable: true, }, { criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*", matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", matchCriteriaId: "DC1BD7B7-6D88-42B8-878E-F1318CA5FCAF", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, { lang: "es", value: "Se ha descubierto un error de desbordamiento de enteros que podría conducir a una escritura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan las peticiones de comandos de teclado. 
Un atacante remoto que comprometa un servidor SSH podría ser capaz de ejecutar código en el sistema del cliente cuando un usuario se conecta al servidor.", }, ], id: "CVE-2019-3856", lastModified: "2024-11-21T04:42:43.640", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.6, impactScore: 5.9, source: "secalert@redhat.com", type: "Secondary", }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 2.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-03-25T19:29:01.790", references: [ { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "secalert@redhat.com", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "secalert@redhat.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3856.html", }, { source: "secalert@redhat.com", tags: [ "Patch", "Third Party Advisory", ], url: 
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { 
source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://www.libssh2.org/CVE-2019-3856.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "secalert@redhat.com", type: "Secondary", }, { description: [ { lang: "en", value: "CWE-190", }, { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2015-1782
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.html | vendor-advisory, x_refsource_FEDORA | |
http://www.mandriva.com/security/advisories?name=MDVSA-2015:148 | vendor-advisory, x_refsource_MANDRIVA | |
http://www.securityfocus.com/bid/73061 | vdb-entry, x_refsource_BID | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | x_refsource_CONFIRM | |
http://www.debian.org/security/2015/dsa-3182 | vendor-advisory, x_refsource_DEBIAN | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.html | vendor-advisory, x_refsource_FEDORA | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.html | vendor-advisory, x_refsource_FEDORA | |
http://www.libssh2.org/adv_20150311.html | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T04:54:16.099Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2015-3757", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.html", }, { name: "MDVSA-2015:148", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:148", }, { name: "73061", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/73061", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "DSA-3182", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2015/dsa-3182", }, { name: "FEDORA-2015-3791", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.html", }, { name: "FEDORA-2015-3797", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.libssh2.org/adv_20150311.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-03-11T00:00:00", descriptions: [ { lang: "en", value: "The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: 
"2016-12-30T15:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2015-3757", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.html", }, { name: "MDVSA-2015:148", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2015:148", }, { name: "73061", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/73061", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html", }, { name: "DSA-3182", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2015/dsa-3182", }, { name: "FEDORA-2015-3791", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.html", }, { name: "FEDORA-2015-3797", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.libssh2.org/adv_20150311.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-1782", datePublished: "2015-03-13T14:00:00", dateReserved: "2015-02-17T00:00:00", dateUpdated: "2024-08-06T04:54:16.099Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3855
Vulnerability from cvelistv5
Vendor | Product | Version | ||
---|---|---|---|---|
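The libssh2 Project | libssh2 | Version: 1.8.1 (as listed in the CNA record; the record's description below says the flaw is in libssh2 before 1.8.1, so 1.8.1 appears to be the first fixed release rather than an affected one) |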
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3855.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: 
"openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "FEDORA-2019-9d85600fc7", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { name: "FEDORA-2019-5885663621", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://support.apple.com/kb/HT210609", }, { name: "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Sep/49", }, { name: "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0", tags: [ "mailing-list", "x_refsource_FULLDISC", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2019/Sep/42", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. 
A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3855.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", ], url: 
"https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: 
"FEDORA-2019-9d85600fc7", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { name: "FEDORA-2019-5885663621", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://support.apple.com/kb/HT210609", }, { name: "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Sep/49", }, { name: "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0", tags: [ "mailing-list", "x_refsource_FULLDISC", ], url: "http://seclists.org/fulldisclosure/2019/Sep/42", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3855", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. 
A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, ], }, impact: { cvss: [ [ { vectorString: "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Mar/25", }, { name: "https://www.libssh2.org/CVE-2019-3855.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3855.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", }, { name: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", refsource: "BID", url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", refsource: "CONFIRM", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { 
name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "FEDORA-2019-9d85600fc7", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { name: "FEDORA-2019-5885663621", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { name: "RHSA-2019:2399", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { name: "https://support.apple.com/kb/HT210609", refsource: "CONFIRM", url: 
"https://support.apple.com/kb/HT210609", }, { name: "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Sep/49", }, { name: "20190927 APPLE-SA-2019-9-26-7 Xcode 11.0", refsource: "FULLDISC", url: "http://seclists.org/fulldisclosure/2019/Sep/42", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3855", datePublished: "2019-03-21T20:13:25", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.675Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3856
Vulnerability from cvelistv5
Vendor | Product | Version | ||
---|---|---|---|---|
The libssh2 Project | libssh2 |
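Version: 1.8.1 (as listed in the record's `affected` field; the description below gives the affected range as libssh2 before 1.8.1) |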
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.557Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3856.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: 
"https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-3856", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-23T13:20:36.981205Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-23T19:48:00.365Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. 
A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3856.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3856", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. 
A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, ], }, impact: { cvss: [ [ { vectorString: "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "https://www.libssh2.org/CVE-2019-3856.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3856.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3856", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", refsource: "REDHAT", url: 
"https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3856", datePublished: "2019-03-25T18:31:03.000Z", dateReserved: "2019-01-03T00:00:00.000Z", dateUpdated: "2025-04-23T19:48:00.365Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-17498
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T01:40:15.913Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", }, { tags: [ "x_transferred", ], url: "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", }, { tags: [ "x_transferred", ], url: "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", }, { name: "FEDORA-2019-91529f19e4", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", }, { name: "openSUSE-SU-2019:2483", tags: [ "vendor-advisory", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", }, { name: "[debian-lts-announce] 20191113 [SECURITY] [DLA 1991-1] libssh2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", }, { name: "FEDORA-2019-ec04c34768", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", }, { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c", }, { name: "[debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220909-0004/", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html", }, { name: 
"[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-08T13:06:20.499920", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/libssh2/libssh2/blob/42d37aa63129a1b2644bf6495198923534322d64/src/packet.c#L480", }, { url: "https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/", }, { url: "https://github.com/kevinbackhouse/SecurityExploits/tree/8cbdbbe6363510f7d9ceec685373da12e6fc752d/libssh2/out_of_bounds_read_disconnect_CVE-2019-17498", }, { name: "FEDORA-2019-91529f19e4", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TY7EEE34RFKCTXTMBQQWWSLXZWSCXNDB/", }, { name: "openSUSE-SU-2019:2483", tags: [ "vendor-advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00026.html", }, { name: "[debian-lts-announce] 20191113 [SECURITY] [DLA 1991-1] libssh2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/11/msg00010.html", }, { name: "FEDORA-2019-ec04c34768", tags: [ "vendor-advisory", ], 
url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/22H4Q5XMGS3QNSA7OCL3U7UQZ4NXMR5O/", }, { url: "https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c", }, { name: "[debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { url: "https://security.netapp.com/advisory/ntap-20220909-0004/", }, { url: "http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html", }, { name: "[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-17498", datePublished: "2019-10-21T00:00:00", dateReserved: "2019-10-11T00:00:00", dateUpdated: "2024-08-05T01:40:15.913Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3857
Vulnerability from cvelistv5
Vendor | Product | Version | ||
---|---|---|---|---|
The libssh2 Project | libssh2 |
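Version: 1.8.1 (as listed in the record's `affected` field; the description below gives the affected range as libssh2 before 1.8.1) |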
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.668Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3857.html", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: 
"https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-3857", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-23T13:20:40.532184Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-23T19:48:11.114Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. 
A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857", }, { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3857.html", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3857", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. 
A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.", }, ], }, impact: { cvss: [ [ { vectorString: "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857", }, { name: "https://www.libssh2.org/CVE-2019-3857.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3857.html", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", refsource: "REDHAT", url: 
"https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3857", datePublished: "2019-03-25T18:30:56.000Z", dateReserved: "2019-01-03T00:00:00.000Z", dateUpdated: "2025-04-23T19:48:11.114Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3863
Vulnerability from cvelistv5
Vendor | Product | Version | ||
---|---|---|---|---|
The libssh2 Project | libssh2 |
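Version: 1.8.1 (as listed in the record's `affected` field; the description below gives the affected range as libssh2 before 1.8.1) |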
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.614Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3863.html", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: 
"https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2019-3863", options: [ { Exploitation: "none", }, { Automatable: "no", }, { "Technical Impact": "total", }, ], role: "CISA Coordinator", timestamp: "2025-04-23T13:20:45.609039Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2025-04-23T19:48:19.703Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. 
This value is used as an index to copy memory causing in an out of bounds memory write error.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-190", description: "CWE-190", lang: "en", type: "CWE", }, ], }, { descriptions: [ { cweId: "CWE-787", description: "CWE-787", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00.000Z", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863", }, { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3863.html", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3863", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. 
This value is used as an index to copy memory causing in an out of bounds memory write error.", }, ], }, impact: { cvss: [ [ { vectorString: "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-190", }, ], }, { description: [ { lang: "eng", value: "CWE-787", }, ], }, ], }, references: { reference_data: [ { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863", }, { name: "https://www.libssh2.org/CVE-2019-3863.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3863.html", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "RHSA-2019:0679", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1175", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1175", }, { name: "RHSA-2019:1652", 
refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1652", }, { name: "RHSA-2019:1791", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1791", }, { name: "RHSA-2019:1943", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1943", }, { name: "RHSA-2019:2399", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2399", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3863", datePublished: "2019-03-25T17:52:10.000Z", dateReserved: "2019-01-03T00:00:00.000Z", dateUpdated: "2025-04-23T19:48:19.703Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3862
Vulnerability from cvelistv5
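Vendor | Product | Version
---|---|---
The libssh2 Project | libssh2 | 1.8.1

Note: the record below lists version 1.8.1 with status "affected", while its description says the flaw is in libssh2 before 1.8.1. The listed version therefore appears to be the upper bound of the affected range rather than a vulnerable release; confirm against the libssh2 advisory before using it for version matching.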
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.615Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3862.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1884", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:1884", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. 
A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 7.3, baseSeverity: "HIGH", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-130", description: "CWE-130", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2020-01-15T19:15:26", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3862.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security 
update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1884", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:1884", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3862", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way 
SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], }, impact: { cvss: [ [ { vectorString: "7.3/CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-130", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Mar/25", }, { name: "https://www.libssh2.org/CVE-2019-3862.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3862.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862", }, { name: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", refsource: "BID", url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", refsource: "CONFIRM", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: 
"https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:1884", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:1884", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { name: "https://www.oracle.com/security-alerts/cpujan2020.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2020.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3862", datePublished: "2019-03-20T21:39:52", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.615Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3858
Vulnerability from cvelistv5
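Vendor | Product | Version
---|---|---
The libssh2 Project | libssh2 | 1.8.1

Note: the record below lists version 1.8.1 with status "affected", while its description says the flaw is in libssh2 before 1.8.1. The listed version therefore appears to be the upper bound of the affected range rather than a vulnerable release; confirm against the libssh2 advisory before using it for version matching.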
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.593Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3858.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:2136", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. 
A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", }, { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3858.html", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 
security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:2136", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3858", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. 
A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], }, impact: { cvss: [ [ { vectorString: "5.0/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Mar/25", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3858", }, { name: "https://www.libssh2.org/CVE-2019-3858.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3858.html", }, { name: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", refsource: "MISC", url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", refsource: "BID", url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", refsource: "CONFIRM", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", 
refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:2136", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3858", datePublished: "2019-03-21T20:22:47", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.593Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3861
Vulnerability from cvelistv5
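Vendor | Product | Version
---|---|---
The libssh2 Project | libssh2 | 1.8.1

Note: the record below lists version 1.8.1 with status "affected", while its description says the flaw is in libssh2 before 1.8.1. The listed version therefore appears to be the upper bound of the affected range rather than a vulnerable release; confirm against the libssh2 advisory before using it for version matching.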
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.629Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3861.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:2136", tags: [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred", ], url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: 
"CVE Program Container", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3861.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", 
tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:2136", tags: [ "vendor-advisory", "x_refsource_REDHAT", ], url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3861", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. 
A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], }, impact: { cvss: [ [ { vectorString: "5.0/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "https://www.libssh2.org/CVE-2019-3861.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3861.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3861", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "RHSA-2019:2136", refsource: "REDHAT", url: "https://access.redhat.com/errata/RHSA-2019:2136", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: 
"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3861", datePublished: "2019-03-25T18:30:43", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.629Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-0787
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T22:30:04.675Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "FEDORA-2016-215a2219b1", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.libssh2.org/CVE-2016-0787.patch", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.libssh2.org/adv_20160223.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://puppet.com/security/cve/CVE-2016-0787", }, { name: "FEDORA-2016-7942ee2cc5", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html", }, { name: "GLSA-201606-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/201606-12", }, { name: "openSUSE-SU-2016:0639", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bto.bluecoat.com/security-advisory/sa120", }, { name: "DSA-3487", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2016/dsa-3487", }, { name: "82514", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/82514", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", 
version: "n/a", }, ], }, ], datePublic: "2016-02-23T00:00:00", descriptions: [ { lang: "en", value: "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-12-08T10:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "FEDORA-2016-215a2219b1", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.libssh2.org/CVE-2016-0787.patch", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://www.libssh2.org/adv_20160223.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://puppet.com/security/cve/CVE-2016-0787", }, { name: "FEDORA-2016-7942ee2cc5", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html", }, { name: "GLSA-201606-12", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/201606-12", }, { name: "openSUSE-SU-2016:0639", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bto.bluecoat.com/security-advisory/sa120", }, { name: "DSA-3487", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2016/dsa-3487", }, 
{ name: "82514", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/82514", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2016-0787", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "FEDORA-2016-215a2219b1", refsource: "FEDORA", url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html", }, { name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", refsource: "CONFIRM", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", }, { name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", refsource: "CONFIRM", url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", }, { name: "https://www.libssh2.org/CVE-2016-0787.patch", refsource: "CONFIRM", url: "https://www.libssh2.org/CVE-2016-0787.patch", }, { name: "https://www.libssh2.org/adv_20160223.html", refsource: "CONFIRM", url: "https://www.libssh2.org/adv_20160223.html", }, { name: "https://puppet.com/security/cve/CVE-2016-0787", refsource: "CONFIRM", url: "https://puppet.com/security/cve/CVE-2016-0787", }, { name: "FEDORA-2016-7942ee2cc5", refsource: "FEDORA", url: 
"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html", }, { name: "GLSA-201606-12", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/201606-12", }, { name: "openSUSE-SU-2016:0639", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html", }, { name: "https://bto.bluecoat.com/security-advisory/sa120", refsource: "CONFIRM", url: "https://bto.bluecoat.com/security-advisory/sa120", }, { name: "DSA-3487", refsource: "DEBIAN", url: "http://www.debian.org/security/2016/dsa-3487", }, { name: "82514", refsource: "BID", url: "http://www.securityfocus.com/bid/82514", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2016-0787", datePublished: "2016-04-13T17:00:00", dateReserved: "2015-12-16T00:00:00", dateUpdated: "2024-08-05T22:30:04.675Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3859
Vulnerability from cvelistv5
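Vendor | Product | Version |
---|---|---|
The libssh2 Project | libssh2 | Version: 1.8.1 |

Note: the CNA record below lists 1.8.1 with status "affected", while its own description says the flaw is in libssh2 before 1.8.1; check installed versions against the description rather than this table alone.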
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.624Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3859.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "[debian-lts-announce] 20190402 [SECURITY] [DLA 1730-2] libssh2 regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "openSUSE-SU-2019:1290", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html", }, { name: "openSUSE-SU-2019:1291", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html", }, { name: "[debian-lts-announce] 20190725 [SECURITY] [DLA 1730-3] libssh2 regression update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, 
], datePublic: "2019-03-13T00:00:00", descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Mar/25", }, { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3859.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { tags: [ 
"x_refsource_CONFIRM", ], url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "[debian-lts-announce] 20190402 [SECURITY] [DLA 1730-2] libssh2 regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "openSUSE-SU-2019:1290", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html", }, { name: "openSUSE-SU-2019:1291", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html", }, { name: "[debian-lts-announce] 20190725 [SECURITY] [DLA 1730-3] libssh2 regression update", tags: [ 
"mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3859", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], }, impact: { cvss: [ [ { vectorString: "5.0/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20190318 [SECURITY ADVISORIES] libssh2", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { name: "20190319 [slackware-security] libssh2 (SSA:2019-077-01)", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Mar/25", }, { name: "https://www.libssh2.org/CVE-2019-3859.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3859.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859", }, { name: "http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", refsource: "MISC", url: 
"http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html", }, { name: "107485", refsource: "BID", url: "http://www.securityfocus.com/bid/107485", }, { name: "FEDORA-2019-f31c14682f", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { name: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", refsource: "CONFIRM", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "[debian-lts-announce] 20190402 [SECURITY] [DLA 1730-2] libssh2 regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/04/msg00006.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "openSUSE-SU-2019:1290", refsource: "SUSE", url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.html", }, { name: "openSUSE-SU-2019:1291", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.html", }, { name: "[debian-lts-announce] 20190725 [SECURITY] [DLA 1730-3] libssh2 regression update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3859", datePublished: "2019-03-20T21:18:13", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.624Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2020-22218
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T14:51:10.505Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/pull/476", }, { name: "[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20231006-0002/", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2020-22218", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-10-03T18:09:15.416860Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-10-03T18:09:37.723Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-10-06T14:06:28.672674", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/libssh2/libssh2/pull/476", }, { name: "[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, { url: "https://security.netapp.com/advisory/ntap-20231006-0002/", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", 
cveId: "CVE-2020-22218", datePublished: "2023-08-22T00:00:00", dateReserved: "2020-08-13T00:00:00", dateUpdated: "2024-10-03T18:09:37.723Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-13115
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T23:41:10.457Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/pull/350", }, { tags: [ "x_transferred", ], url: "https://libssh2.org/changes.html", }, { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", }, { tags: [ "x_transferred", ], url: "https://blog.semmle.com/libssh2-integer-overflow/", }, { name: "[debian-lts-announce] 20190725 [SECURITY] [DLA 1730-3] libssh2 regression update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { name: "FEDORA-2019-9d85600fc7", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { name: "FEDORA-2019-5885663621", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190806-0002/", }, { tags: [ "x_transferred", ], url: "https://support.f5.com/csp/article/K13322484", }, { tags: [ "x_transferred", ], url: "https://support.f5.com/csp/article/K13322484?utm_source=f5support&%3Butm_medium=RSS", }, { name: "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { name: "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to 
CentOS 8", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, { name: "[debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/172834/libssh2-1.8.2-Out-Of-Bounds-Read.html", }, { name: "[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. 
This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2023-09-08T13:06:24.201315", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://github.com/libssh2/libssh2/pull/350", }, { url: "https://libssh2.org/changes.html", }, { url: "https://github.com/libssh2/libssh2/compare/02ecf17...42d37aa", }, { url: "https://blog.semmle.com/libssh2-integer-overflow/", }, { name: "[debian-lts-announce] 20190725 [SECURITY] [DLA 1730-3] libssh2 regression update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00024.html", }, { name: "FEDORA-2019-9d85600fc7", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6LUNHPW64IGCASZ4JQ2J5KDXNZN53DWW/", }, { name: "FEDORA-2019-5885663621", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M7IF3LNHOA75O4WZWIHJLIRMA5LJUED3/", }, { url: "https://security.netapp.com/advisory/ntap-20190806-0002/", }, { url: "https://support.f5.com/csp/article/K13322484", }, { url: "https://support.f5.com/csp/article/K13322484?utm_source=f5support&%3Butm_medium=RSS", }, { name: "[bookkeeper-issues] 20210628 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", ], url: "https://lists.apache.org/thread.html/rf4c02775860db415b4955778a131c2795223f61cb8c6a450893651e4%40%3Cissues.bookkeeper.apache.org%3E", }, { name: "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", tags: [ "mailing-list", ], url: 
"https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b%40%3Cissues.bookkeeper.apache.org%3E", }, { name: "[debian-lts-announce] 20211217 [SECURITY] [DLA 2848-1] libssh2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2021/12/msg00013.html", }, { url: "http://packetstormsecurity.com/files/172834/libssh2-1.8.2-Out-Of-Bounds-Read.html", }, { name: "[debian-lts-announce] 20230908 [SECURITY] [DLA 3559-1] libssh2 security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/09/msg00006.html", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-13115", datePublished: "2019-07-16T00:00:00", dateReserved: "2019-06-30T00:00:00", dateUpdated: "2024-08-04T23:41:10.457Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-3860
Vulnerability from cvelistv5
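Vendor | Product | Version |
---|---|---|
The libssh2 Project | libssh2 | Version: 1.8.1 |

Note: the CNA record below lists 1.8.1 with status "affected", while its own description says the flaw is in libssh2 before 1.8.1; check installed versions against the description rather than this table alone.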
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T19:19:18.589Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.libssh2.org/CVE-2019-3860.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "openSUSE-SU-2019:1640", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html", }, { name: "[debian-lts-announce] 20190730 [SECURITY] [DLA 1730-4] libssh2 regression update", tags: [ "mailing-list", 
"x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "libssh2", vendor: "The libssh2 Project", versions: [ { status: "affected", version: "1.8.1", }, ], }, ], descriptions: [ { lang: "en", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], metrics: [ { cvssV3_0: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, }, ], problemTypes: [ { descriptions: [ { cweId: "CWE-125", description: "CWE-125", lang: "en", type: "CWE", }, ], }, ], providerMetadata: { dateUpdated: "2019-10-16T17:41:00", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.libssh2.org/CVE-2019-3860.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "openSUSE-SU-2019:1640", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html", }, { name: "[debian-lts-announce] 20190730 [SECURITY] [DLA 1730-4] libssh2 regression update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2019-3860", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "libssh2", version: { version_data: [ { version_value: "1.8.1", }, ], }, }, ], }, vendor_name: "The libssh2 Project", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. 
A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.", }, ], }, impact: { cvss: [ [ { vectorString: "5.0/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L", version: "3.0", }, ], ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "CWE-125", }, ], }, ], }, references: { reference_data: [ { name: "https://www.libssh2.org/CVE-2019-3860.html", refsource: "MISC", url: "https://www.libssh2.org/CVE-2019-3860.html", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860", refsource: "CONFIRM", url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3860", }, { name: "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { name: "https://security.netapp.com/advisory/ntap-20190327-0005/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { name: "openSUSE-SU-2019:1075", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { name: "openSUSE-SU-2019:1109", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { name: "FEDORA-2019-3348cb4934", refsource: "FEDORA", url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/", }, { name: "DSA-4431", refsource: "DEBIAN", url: "https://www.debian.org/security/2019/dsa-4431", }, { name: "20190415 [SECURITY] [DSA 4431-1] libssh2 security update", refsource: "BUGTRAQ", url: "https://seclists.org/bugtraq/2019/Apr/25", }, { name: "openSUSE-SU-2019:1640", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html", }, { name: "[debian-lts-announce] 20190730 [SECURITY] [DLA 1730-4] libssh2 regression update", refsource: "MLIST", url: 
"https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html", }, { name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", refsource: "MISC", url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2019-3860", datePublished: "2019-03-25T18:30:50", dateReserved: "2019-01-03T00:00:00", dateUpdated: "2024-08-04T19:19:18.589Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2023-48795
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-02T21:46:27.255Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { tags: [ "x_transferred", ], url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { tags: [ "x_transferred", ], url: "https://www.netsarang.com/en/xshell-update-history/", }, { tags: [ "x_transferred", ], url: "https://www.paramiko.org/changelog.html", }, { tags: [ "x_transferred", ], url: "https://www.openssh.com/openbsd.html", }, { tags: [ "x_transferred", ], url: "https://github.com/openssh/openssh-portable/commits/master", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { tags: [ "x_transferred", ], url: "https://www.bitvise.com/ssh-server-version-history", }, { tags: [ "x_transferred", ], url: "https://github.com/ronf/asyncssh/tags", }, { tags: [ "x_transferred", ], url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { tags: [ "x_transferred", ], url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { tags: [ "x_transferred", ], url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { tags: [ "x_transferred", ], url: "https://www.openssh.com/txt/release-9.6", }, { tags: [ "x_transferred", ], url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { tags: [ "x_transferred", ], url: "https://www.terrapin-attack.com", }, { tags: [ "x_transferred", ], url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { tags: [ "x_transferred", ], url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { 
tags: [ "x_transferred", ], url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { tags: [ "x_transferred", ], url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { tags: [ "x_transferred", ], url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { tags: [ "x_transferred", ], url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { tags: [ "x_transferred", ], url: "https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { tags: [ "x_transferred", ], url: "https://github.com/paramiko/paramiko/issues/2337", }, { tags: [ "x_transferred", ], url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=38684904", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=38685286", }, { name: "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { tags: [ "x_transferred", ], url: "https://github.com/mwiede/jsch/issues/457", }, { tags: [ "x_transferred", ], url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { tags: [ "x_transferred", ], url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { tags: [ "x_transferred", ], url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { tags: [ 
"x_transferred", ], url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { tags: [ "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { tags: [ "x_transferred", ], url: "https://bugs.gentoo.org/920280", }, { tags: [ "x_transferred", ], url: "https://ubuntu.com/security/CVE-2023-48795", }, { tags: [ "x_transferred", ], url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { tags: [ "x_transferred", ], url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { tags: [ "x_transferred", ], url: "https://github.com/mwiede/jsch/pull/461", }, { tags: [ "x_transferred", ], url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { tags: [ "x_transferred", ], url: "https://github.com/libssh2/libssh2/pull/1291", }, { tags: [ "x_transferred", ], url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { tags: [ "x_transferred", ], url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { tags: [ "x_transferred", ], url: "https://github.com/rapier1/hpn-ssh/releases", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/issues/456", }, { tags: [ "x_transferred", ], url: "https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { tags: [ "x_transferred", ], url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { tags: [ "x_transferred", ], url: "https://oryx-embedded.com/download/#changelog", }, { tags: [ "x_transferred", ], url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { tags: [ "x_transferred", ], url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { tags: [ "x_transferred", ], url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { tags: [ "x_transferred", ], url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { tags: [ "x_transferred", ], url: 
"https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { tags: [ "x_transferred", ], url: "https://crates.io/crates/thrussh/versions", }, { tags: [ "x_transferred", ], url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { name: "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { tags: [ "x_transferred", ], url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { tags: [ "x_transferred", ], url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { name: "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { tags: [ "x_transferred", ], url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { tags: [ "x_transferred", ], url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { tags: [ "x_transferred", ], url: "https://github.com/apache/mina-sshd/issues/445", }, { tags: [ "x_transferred", ], url: "https://github.com/hierynomus/sshj/issues/916", }, { tags: [ "x_transferred", ], url: "https://github.com/janmojzis/tinyssh/issues/81", }, { tags: [ "x_transferred", ], url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { tags: [ "x_transferred", ], url: "https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { tags: [ "x_transferred", ], url: 
"https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { name: "FEDORA-2023-0733306be9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { name: "DSA-5586", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { tags: [ "x_transferred", ], url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { tags: [ "x_transferred", ], url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { tags: [ "x_transferred", ], url: "https://filezilla-project.org/versions.php", }, { tags: [ "x_transferred", ], url: "https://nova.app/releases/#v11.8", }, { tags: [ "x_transferred", ], url: "https://roumenpetrov.info/secsh/#news20231220", }, { tags: [ "x_transferred", ], url: "https://www.vandyke.com/products/securecrt/history.txt", }, { tags: [ "x_transferred", ], url: "https://help.panic.com/releasenotes/transmit5/", }, { tags: [ "x_transferred", ], url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { tags: [ "x_transferred", ], url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { tags: [ "x_transferred", ], url: "https://winscp.net/eng/docs/history#6.2.2", }, { tags: [ "x_transferred", ], url: "https://www.bitvise.com/ssh-client-version-history#933", }, { tags: [ "x_transferred", ], url: "https://github.com/cyd01/KiTTY/issues/520", }, { name: "DSA-5588", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { tags: [ "x_transferred", ], url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { tags: [ "x_transferred", ], url: "https://news.ycombinator.com/item?id=38732005", }, { name: "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", tags: [ "mailing-list", 
"x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { name: "GLSA-202312-16", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-16", }, { name: "GLSA-202312-17", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202312-17", }, { name: "FEDORA-2023-20feb865d8", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { name: "FEDORA-2023-cb8c606fbb", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { name: "FEDORA-2023-e77300e4b5", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { name: "FEDORA-2023-b87ec6cf47", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { name: "FEDORA-2023-153404713b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { tags: [ "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { name: "FEDORA-2024-3bb23c77f3", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { name: "FEDORA-2023-55800423a8", tags: [ "vendor-advisory", "x_transferred", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { name: "FEDORA-2024-d946b9ad25", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { name: "FEDORA-2024-71c2c6526c", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { name: "FEDORA-2024-39a8c72ea9", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { tags: [ "x_transferred", ], url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { name: "FEDORA-2024-ae653fb07b", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { name: "FEDORA-2024-2705241461", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { name: "FEDORA-2024-fb32950d11", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { name: "FEDORA-2024-7b08207cdb", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { name: "FEDORA-2024-06ebb70bdd", tags: [ "vendor-advisory", "x_transferred", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { name: "FEDORA-2024-a53b24023d", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { name: "FEDORA-2024-3fd1bc9276", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { tags: [ "x_transferred", ], url: "https://support.apple.com/kb/HT214084", }, { name: "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", tags: [ "mailing-list", "x_transferred", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { name: "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { name: "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, 
], descriptions: [ { lang: "en", value: "The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate 
before 0.40.2 for Rust.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-01T18:06:23.972272", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", }, { url: "https://matt.ucc.asn.au/dropbear/CHANGES", }, { url: "https://github.com/proftpd/proftpd/blob/master/RELEASE_NOTES", }, { url: "https://www.netsarang.com/en/xshell-update-history/", }, { url: "https://www.paramiko.org/changelog.html", }, { url: "https://www.openssh.com/openbsd.html", }, { url: "https://github.com/openssh/openssh-portable/commits/master", }, { url: "https://groups.google.com/g/golang-announce/c/-n5WqVC18LQ", }, { url: "https://www.bitvise.com/ssh-server-version-history", }, { url: "https://github.com/ronf/asyncssh/tags", }, { url: "https://gitlab.com/libssh/libssh-mirror/-/tags", }, { url: "https://www.reddit.com/r/sysadmin/comments/18idv52/cve202348795_why_is_this_cve_still_undisclosed/", }, { url: "https://github.com/erlang/otp/blob/d1b43dc0f1361d2ad67601169e90a7fc50bb0369/lib/ssh/doc/src/notes.xml#L39-L42", }, { url: "https://www.openssh.com/txt/release-9.6", }, { url: "https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/", }, { url: "https://www.terrapin-attack.com", }, { url: "https://github.com/mkj/dropbear/blob/17657c36cce6df7716d5ff151ec09a665382d5dd/CHANGES#L25", }, { url: "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst", }, { url: "https://thorntech.com/cve-2023-48795-and-sftp-gateway/", }, { url: "https://github.com/warp-tech/russh/releases/tag/v0.40.2", }, { url: "https://github.com/TeraTermProject/teraterm/commit/7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0", }, { url: "https://www.openwall.com/lists/oss-security/2023/12/18/2", }, { url: "https://twitter.com/TrueSkrillor/status/1736774389725565005", }, { url: 
"https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d", }, { url: "https://github.com/paramiko/paramiko/issues/2337", }, { url: "https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg", }, { url: "https://news.ycombinator.com/item?id=38684904", }, { url: "https://news.ycombinator.com/item?id=38685286", }, { name: "[oss-security] 20231218 CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/12/18/3", }, { url: "https://github.com/mwiede/jsch/issues/457", }, { url: "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6", }, { url: "https://github.com/erlang/otp/releases/tag/OTP-26.2.1", }, { url: "https://github.com/advisories/GHSA-45x7-px36-x8w8", }, { url: "https://security-tracker.debian.org/tracker/source-package/libssh2", }, { url: "https://security-tracker.debian.org/tracker/source-package/proftpd-dfsg", }, { url: "https://security-tracker.debian.org/tracker/CVE-2023-48795", }, { url: "https://bugzilla.suse.com/show_bug.cgi?id=1217950", }, { url: "https://bugzilla.redhat.com/show_bug.cgi?id=2254210", }, { url: "https://bugs.gentoo.org/920280", }, { url: "https://ubuntu.com/security/CVE-2023-48795", }, { url: "https://www.suse.com/c/suse-addresses-the-ssh-v2-protocol-terrapin-attack-aka-cve-2023-48795/", }, { url: "https://access.redhat.com/security/cve/cve-2023-48795", }, { url: "https://github.com/mwiede/jsch/pull/461", }, { url: "https://github.com/drakkan/sftpgo/releases/tag/v2.5.6", }, { url: "https://github.com/libssh2/libssh2/pull/1291", }, { url: "https://forum.netgate.com/topic/184941/terrapin-ssh-attack", }, { url: "https://github.com/jtesta/ssh-audit/commit/8e972c5e94b460379fe0c7d20209c16df81538a5", }, { url: "https://github.com/rapier1/hpn-ssh/releases", }, { url: "https://github.com/proftpd/proftpd/issues/456", }, { url: 
"https://github.com/TeraTermProject/teraterm/releases/tag/v5.1", }, { url: "https://github.com/mwiede/jsch/compare/jsch-0.2.14...jsch-0.2.15", }, { url: "https://oryx-embedded.com/download/#changelog", }, { url: "https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update", }, { url: "https://github.com/connectbot/sshlib/compare/2.2.21...2.2.22", }, { url: "https://github.com/connectbot/sshlib/commit/5c8b534f6e97db7ac0e0e579331213aa25c173ab", }, { url: "https://github.com/mscdex/ssh2/commit/97b223f8891b96d6fc054df5ab1d5a1a545da2a3", }, { url: "https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC", }, { url: "https://crates.io/crates/thrussh/versions", }, { url: "https://github.com/NixOS/nixpkgs/pull/275249", }, { name: "[oss-security] 20231219 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/12/19/5", }, { url: "https://www.freebsd.org/security/advisories/FreeBSD-SA-23:19.openssh.asc", }, { url: "https://arstechnica.com/security/2023/12/hackers-can-break-ssh-channel-integrity-using-novel-data-corruption-attack/", }, { name: "[oss-security] 20231220 Re: CVE-2023-48795: Prefix Truncation Attacks in SSH Specification (Terrapin Attack)", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2023/12/20/3", }, { url: "http://packetstormsecurity.com/files/176280/Terrapin-SSH-Connection-Weakening.html", }, { url: "https://github.com/proftpd/proftpd/blob/d21e7a2e47e9b38f709bec58e3fa711f759ad0e1/RELEASE_NOTES", }, { url: "https://github.com/proftpd/proftpd/blob/0a7ea9b0ba9fcdf368374a226370d08f10397d99/RELEASE_NOTES", }, { url: "https://github.com/apache/mina-sshd/issues/445", }, { url: "https://github.com/hierynomus/sshj/issues/916", }, { url: "https://github.com/janmojzis/tinyssh/issues/81", }, { url: "https://www.openwall.com/lists/oss-security/2023/12/20/3", }, { url: 
"https://security-tracker.debian.org/tracker/source-package/trilead-ssh2", }, { url: "https://github.com/net-ssh/net-ssh/blob/2e65064a52d73396bfc3806c9196fc8108f33cd8/CHANGES.txt#L14-L16", }, { name: "FEDORA-2023-0733306be9", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MKQRBF3DWMWPH36LBCOBUTSIZRTPEZXB/", }, { name: "DSA-5586", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5586", }, { url: "https://www.lancom-systems.de/service-support/allgemeine-sicherheitshinweise#c243508", }, { url: "https://www.theregister.com/2023/12/20/terrapin_attack_ssh", }, { url: "https://filezilla-project.org/versions.php", }, { url: "https://nova.app/releases/#v11.8", }, { url: "https://roumenpetrov.info/secsh/#news20231220", }, { url: "https://www.vandyke.com/products/securecrt/history.txt", }, { url: "https://help.panic.com/releasenotes/transmit5/", }, { url: "https://github.com/PowerShell/Win32-OpenSSH/releases/tag/v9.5.0.0p1-Beta", }, { url: "https://github.com/PowerShell/Win32-OpenSSH/issues/2189", }, { url: "https://winscp.net/eng/docs/history#6.2.2", }, { url: "https://www.bitvise.com/ssh-client-version-history#933", }, { url: "https://github.com/cyd01/KiTTY/issues/520", }, { name: "DSA-5588", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2023/dsa-5588", }, { url: "https://github.com/ssh-mitm/ssh-mitm/issues/165", }, { url: "https://news.ycombinator.com/item?id=38732005", }, { name: "[debian-lts-announce] 20231226 [SECURITY] [DLA 3694-1] openssh security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2023/12/msg00017.html", }, { name: "GLSA-202312-16", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-16", }, { name: "GLSA-202312-17", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202312-17", }, { name: "FEDORA-2023-20feb865d8", tags: [ "vendor-advisory", 
], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YQLUQWLIHDB5QCXQEX7HXHAWMOKPP5O/", }, { name: "FEDORA-2023-cb8c606fbb", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7EYCFQCTSGJXWO3ZZ44MGKFC5HA7G3Y/", }, { name: "FEDORA-2023-e77300e4b5", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APYIXIQOVDCRWLHTGB4VYMAUIAQLKYJ3/", }, { name: "FEDORA-2023-b87ec6cf47", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QI3EHAHABFQK7OABNCSF5GMYP6TONTI7/", }, { name: "FEDORA-2023-153404713b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KMZCVGUGJZZVDPCVDA7TEB22VUCNEXDD/", }, { url: "https://security.netapp.com/advisory/ntap-20240105-0004/", }, { name: "FEDORA-2024-3bb23c77f3", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3CAYYW35MUTNO65RVAELICTNZZFMT2XS/", }, { name: "FEDORA-2023-55800423a8", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LZQVUHWVWRH73YBXUQJOD6CKHDQBU3DM/", }, { name: "FEDORA-2024-d946b9ad25", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C3AFMZ6MH2UHHOPIWT5YLSFV3D2VB3AC/", }, { name: "FEDORA-2024-71c2c6526c", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BL5KTLOSLH2KHRN4HCXJPK3JUVLDGEL6/", }, { name: "FEDORA-2024-39a8c72ea9", tags: [ "vendor-advisory", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/33XHJUB6ROFUOH2OQNENFROTVH6MHSHA/", }, { url: "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0002", }, { name: "FEDORA-2024-ae653fb07b", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CHHITS4PUOZAKFIUBQAQZC7JWXMOYE4B/", }, { name: "FEDORA-2024-2705241461", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I724O3LSRCPO4WNVIXTZCT4VVRMXMMSG/", }, { name: "FEDORA-2024-fb32950d11", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KEOTKBUPZXHE3F352JBYNTSNRXYLWD6P/", }, { name: "FEDORA-2024-7b08207cdb", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYEDEXIKFKTUJIN43RG4B7T5ZS6MHUSP/", }, { name: "FEDORA-2024-06ebb70bdd", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y74KVCPEPT4MVU3LHDWCNNOXOE5ZLUR/", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3718-1] php-phpseclib security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00013.html", }, { name: "[debian-lts-announce] 20240125 [SECURITY] [DLA 3719-1] phpseclib security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/01/msg00014.html", }, { name: "FEDORA-2024-a53b24023d", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L5Y6MNNVAPIJSXJERQ6PKZVCIUXSNJK7/", }, { name: "FEDORA-2024-3fd1bc9276", tags: [ "vendor-advisory", ], url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3JIMLVBDWOP4FUPXPTB4PGHHIOMGFLQE/", }, { url: "https://support.apple.com/kb/HT214084", }, { name: "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4", tags: [ "mailing-list", ], url: "http://seclists.org/fulldisclosure/2024/Mar/21", }, { name: "[debian-lts-announce] 20240425 [SECURITY] [DLA 3794-1] putty security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2024/04/msg00016.html", }, { name: "[oss-security] 20240417 Terrapin vulnerability in Jenkins CLI client", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/04/17/8", }, { name: "[oss-security] 20240306 Multiple vulnerabilities in Jenkins plugins", tags: [ "mailing-list", ], url: "http://www.openwall.com/lists/oss-security/2024/03/06/3", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2023-48795", datePublished: "2023-12-18T00:00:00", dateReserved: "2023-11-20T00:00:00", dateUpdated: "2024-08-02T21:46:27.255Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
var-201903-0388
Vulnerability from variot
An integer overflow flaw which could lead to an out-of-bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server. libssh2 contains an integer overflow vulnerability. Information may be obtained and service operation may be interrupted (DoS). libssh2 is prone to multiple security vulnerabilities. Attackers can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service conditions, retrieve sensitive information; other attacks may also be possible. libssh2 can execute remote commands and file transfers, and at the same time provide a secure transmission channel for remote programs. An integer overflow vulnerability exists in libssh2. The vulnerability is caused by the '_libssh2_transport_read()' function not properly checking the packet_length value from the server. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
APPLE-SA-2019-9-26-7 Xcode 11.0
Xcode 11.0 addresses the following:
IDE SCM Available for: macOS Mojave 10.14.4 and later Impact: Multiple issues in libssh2 Description: Multiple issues were addressed by updating to version 2.16. CVE-2019-3855: Chris Coulson
ld64 Available for: macOS Mojave 10.14.4 and later Impact: Compiling code without proper input validation could lead to arbitrary code execution with user privilege Description: Multiple issues in ld64 in the Xcode toolchains were addressed by updating to version ld64-507.4. CVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team CVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team CVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team CVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team
otool Available for: macOS Mojave 10.14.4 and later Impact: Processing a maliciously crafted file may lead to arbitrary code execution Description: A memory corruption issue was addressed with improved state management. CVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team CVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team
Installation note:
Xcode 11.0 may be obtained from:
https://developer.apple.com/xcode/downloads/
To check that the Xcode has been updated:
- Select Xcode in the menu bar
- Select About Xcode
- The version after applying this update will be "11.0". -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
====================================================================
Red Hat Security Advisory
Synopsis: Important: libssh2 security update Advisory ID: RHSA-2019:0679-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2019:0679 Issue date: 2019-03-28 CVE Names: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3863 ==================================================================== 1. Summary:
An update for libssh2 is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Client (v. 7) - x86_64 Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le, s390x
- Description:
The libssh2 packages provide a library that implements the SSH2 protocol.
- Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing these updated packages, all running applications using libssh2 must be restarted for this update to take effect.
- Package List:
Red Hat Enterprise Linux Client (v. 7):
Source: libssh2-1.4.3-12.el7_6.2.src.rpm
x86_64: libssh2-1.4.3-12.el7_6.2.i686.rpm libssh2-1.4.3-12.el7_6.2.x86_64.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Client Optional (v. 7):
noarch: libssh2-docs-1.4.3-12.el7_6.2.noarch.rpm
x86_64: libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm libssh2-devel-1.4.3-12.el7_6.2.i686.rpm libssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode (v. 7):
Source: libssh2-1.4.3-12.el7_6.2.src.rpm
x86_64: libssh2-1.4.3-12.el7_6.2.i686.rpm libssh2-1.4.3-12.el7_6.2.x86_64.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux ComputeNode Optional (v. 7):
noarch: libssh2-docs-1.4.3-12.el7_6.2.noarch.rpm
x86_64: libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm libssh2-devel-1.4.3-12.el7_6.2.i686.rpm libssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Server (v. 7):
Source: libssh2-1.4.3-12.el7_6.2.src.rpm
ppc64: libssh2-1.4.3-12.el7_6.2.ppc.rpm libssh2-1.4.3-12.el7_6.2.ppc64.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.ppc.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.ppc64.rpm
ppc64le: libssh2-1.4.3-12.el7_6.2.ppc64le.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm
s390x: libssh2-1.4.3-12.el7_6.2.s390.rpm libssh2-1.4.3-12.el7_6.2.s390x.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm
x86_64: libssh2-1.4.3-12.el7_6.2.i686.rpm libssh2-1.4.3-12.el7_6.2.x86_64.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):
Source: libssh2-1.4.3-12.el7_6.2.src.rpm
aarch64: libssh2-1.4.3-12.el7_6.2.aarch64.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.aarch64.rpm
ppc64le: libssh2-1.4.3-12.el7_6.2.ppc64le.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm
s390x: libssh2-1.4.3-12.el7_6.2.s390.rpm libssh2-1.4.3-12.el7_6.2.s390x.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm
Red Hat Enterprise Linux Server Optional (v. 7):
noarch: libssh2-docs-1.4.3-12.el7_6.2.noarch.rpm
ppc64: libssh2-debuginfo-1.4.3-12.el7_6.2.ppc.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.ppc64.rpm libssh2-devel-1.4.3-12.el7_6.2.ppc.rpm libssh2-devel-1.4.3-12.el7_6.2.ppc64.rpm
ppc64le: libssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm libssh2-devel-1.4.3-12.el7_6.2.ppc64le.rpm
s390x: libssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm libssh2-devel-1.4.3-12.el7_6.2.s390.rpm libssh2-devel-1.4.3-12.el7_6.2.s390x.rpm
x86_64: libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm libssh2-devel-1.4.3-12.el7_6.2.i686.rpm libssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):
aarch64: libssh2-debuginfo-1.4.3-12.el7_6.2.aarch64.rpm libssh2-devel-1.4.3-12.el7_6.2.aarch64.rpm
noarch: libssh2-docs-1.4.3-12.el7_6.2.noarch.rpm
ppc64le: libssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm libssh2-devel-1.4.3-12.el7_6.2.ppc64le.rpm
s390x: libssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm libssh2-devel-1.4.3-12.el7_6.2.s390.rpm libssh2-devel-1.4.3-12.el7_6.2.s390x.rpm
Red Hat Enterprise Linux Workstation (v. 7):
Source: libssh2-1.4.3-12.el7_6.2.src.rpm
x86_64: libssh2-1.4.3-12.el7_6.2.i686.rpm libssh2-1.4.3-12.el7_6.2.x86_64.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm
Red Hat Enterprise Linux Workstation Optional (v. 7):
noarch: libssh2-docs-1.4.3-12.el7_6.2.noarch.rpm
x86_64: libssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm libssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm libssh2-devel-1.4.3-12.el7_6.2.i686.rpm libssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2019-3855 https://access.redhat.com/security/cve/CVE-2019-3856 https://access.redhat.com/security/cve/CVE-2019-3857 https://access.redhat.com/security/cve/CVE-2019-3863 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2019 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIVAwUBXJznXNzjgjWX9erEAQiaLQ/+NOZQa78T9tZT0qw516dUqmfm8y03YJDd LDgRcAbSQIlYF59kO4SxBZ13APCc8ippJXzSeBS49AeQLdesjaj3bYnWXeAiDwIE wE2zqYhjBH3YUW8vmoP26sC4Ov8rijsevHQcn7PcRiTrR/gSdzU59LkxouyWokAC nFVzke+D7aQMFv6mo9EbEEH1Q85/WIfJKKB4XuCHM13L1ohLuVVQnsjxwZtq8hev FCQp1moLuyyvDGjEa0lhp05gqIoDGPccpAzlcbz/HWgkb/6nGOQeTsGkN4MPCqbA O5YilLdgg3/HASMhtWopCgLQucDI6UEdA4sqAmQFJT5sB19kfJVRDQYSKIim8Tno 7DICVw0x5p4YzexurImz5tORwsAhTsKt52Z32KEgaVfZLqBwdJP+l3mQaS4H9wZ7 z4hSB+EPaK6UbKJVq5D5/vhYJlQsSd8sDkLcz30UqNpY0o3LwqBK/8m8apikjxCu cdM0ykUZJsccAB0zwuteBP9dEvyUHFhSkpQgWDZIqHgOuE2jpCnIRpl3aRDgB+ND XkktDObjALWmIqg1Zs6+vLIDhGKG08ZNSpwaLZQrvFK59aGA/2BTDgupJh607Tv4 D/l/yO/KxEaUQa5zsFpej2gIfIFElzZc82/ZmWaViyALtpjJ/kKdC4Fzb5PlVIuH tLzz6XhldNU=R5e5 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . 7.5) - noarch, ppc64, ppc64le, s390x, x86_64
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
Debian Security Advisory DSA-4431-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 13, 2019 https://www.debian.org/security/faq
Package : libssh2 CVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863 Debian Bug : 924965
Chris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.
For the stable distribution (stretch), these problems have been fixed in version 1.7.0-1+deb9u1.
We recommend that you upgrade your libssh2 packages.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0388", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "libssh2", scope: "lt", trust: 1.8, vendor: "libssh2", version: "1.8.1", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "28", }, { model: "enterprise linux server aus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "fedora", 
scope: "eq", trust: 1, vendor: "fedoraproject", version: "30", }, { model: "ontap select deploy administration utility", scope: "eq", trust: 1, vendor: "netapp", version: null, }, { model: "leap", scope: "eq", trust: 1, vendor: "opensuse", version: "42.3", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.57", }, { model: "enterprise linux", scope: "eq", trust: 1, vendor: "redhat", version: "8.0", }, { model: "enterprise linux server tus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "enterprise linux desktop", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux workstation", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "8.0", }, { model: "fedora", scope: "eq", trust: 1, vendor: "fedoraproject", version: "29", }, { model: "enterprise linux server", scope: "eq", trust: 1, vendor: "redhat", version: "7.0", }, { model: "enterprise linux server eus", scope: "eq", trust: 1, vendor: "redhat", version: "7.6", }, { model: "xcode", scope: "lt", trust: 1, vendor: "apple", version: "11.0", }, { model: "peoplesoft enterprise peopletools", scope: "eq", trust: 1, vendor: "oracle", version: "8.56", }, { model: "linux", scope: "eq", trust: 1, vendor: "debian", version: "9.0", }, { model: "gnu/linux", scope: null, trust: 0.8, vendor: "debian", version: null, }, { model: "fedora", scope: "eq", trust: 0.8, vendor: "fedora", version: "29", }, { model: "ontap select deploy administration utility", scope: null, trust: 0.8, vendor: "netapp", version: null, }, { model: "enterprise linux desktop", scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: "enterprise linux server", scope: "eq", trust: 0.8, vendor: "red hat", version: "none", }, { model: "enterprise linux server", scope: "eq", trust: 0.8, vendor: "red hat", version: "aus", }, { model: "enterprise linux server", scope: 
"eq", trust: 0.8, vendor: "red hat", version: "eus", }, { model: "enterprise linux server", scope: "eq", trust: 0.8, vendor: "red hat", version: "tus", }, { model: "enterprise linux workstation", scope: null, trust: 0.8, vendor: "red hat", version: null, }, { model: "virtualization", scope: "eq", trust: 0.3, vendor: "redhat", version: "4", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "redhat", version: "7", }, { model: "enterprise linux", scope: "eq", trust: 0.3, vendor: "redhat", version: "6", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.8", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.7", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.6", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.5", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.4.3", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.4.2", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.4.1", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.4", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.3", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.2.8", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "1.1", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "0.3", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "0.15", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "0.11", }, { model: "libssh2", scope: "eq", trust: 0.3, vendor: "libssh2", version: "0.1", }, { model: "libssh2", scope: "ne", trust: 0.3, vendor: "libssh2", version: "1.8.1", }, ], sources: [ { db: "BID", id: "107485", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "NVD", id: "CVE-2019-3855", }, ], }, 
configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/o:debian:debian_linux", vulnerable: true, }, { cpe22Uri: "cpe:/o:fedoraproject:fedora", vulnerable: true, }, { cpe22Uri: "cpe:/a:libssh2:libssh2", vulnerable: true, }, { cpe22Uri: "cpe:/a:netapp:ontap_select_administration_utility", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:enterprise_linux_desktop", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:enterprise_linux_server", vulnerable: true, }, { cpe22Uri: "cpe:/o:redhat:enterprise_linux_workstation", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-002832", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Chris Coulson of Canonical Ltd.,Slackware Security Team", sources: [ { db: "CNNVD", id: "CNNVD-201903-634", }, ], trust: 0.6, }, cve: "CVE-2019-3855", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: 
"nvd@nist.gov", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, id: "CVE-2019-3855", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 1.9, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, id: "VHN-155290", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 8.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 2.8, id: "CVE-2019-3855", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, { attackComplexity: "HIGH", attackVector: "NETWORK", author: "secalert@redhat.com", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", exploitabilityScore: 1.6, id: "CVE-2019-3855", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1, userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, { attackComplexity: "Low", attackVector: "Network", author: "NVD", availabilityImpact: "High", baseScore: 8.8, baseSeverity: "High", confidentialityImpact: "High", exploitabilityScore: null, id: "CVE-2019-3855", impactScore: null, integrityImpact: "High", privilegesRequired: "None", scope: "Unchanged", trust: 0.8, userInteraction: "Required", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", 
id: "CVE-2019-3855", trust: 1, value: "HIGH", }, { author: "secalert@redhat.com", id: "CVE-2019-3855", trust: 1, value: "HIGH", }, { author: "NVD", id: "CVE-2019-3855", trust: 0.8, value: "High", }, { author: "CNNVD", id: "CNNVD-201903-634", trust: 0.6, value: "HIGH", }, { author: "VULHUB", id: "VHN-155290", trust: 0.1, value: "HIGH", }, { author: "VULMON", id: "CVE-2019-3855", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-155290", }, { db: "VULMON", id: "CVE-2019-3855", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "CNNVD", id: "CNNVD-201903-634", }, { db: "NVD", id: "CVE-2019-3855", }, { db: "NVD", id: "CVE-2019-3855", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. libssh2 Contains an integer overflow vulnerability.Information is obtained and service operation is interrupted (DoS) There is a possibility of being put into a state. libssh2 is prone to multiple security vulnerabilities. \nAttackers can exploit these issues to execute arbitrary code, perform unauthorized actions, cause denial-of-service conditions, retrieve sensitive information; other attacks may also be possible. It can execute remote commands and file transfers, and at the same time provide a secure transmission channel for remote programs. An integer overflow vulnerability exists in libssh2. The vulnerability is caused by the '_libssh2_transport_read()' function not properly checking the packet_length value from the server. 
-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nAPPLE-SA-2019-9-26-7 Xcode 11.0\n\nXcode 11.0 addresses the following:\n\nIDE SCM\nAvailable for: macOS Mojave 10.14.4 and later\nImpact: Multiple issues in libssh2\nDescription: Multiple issues were addressed by updating to version\n2.16. \nCVE-2019-3855: Chris Coulson\n\nld64\nAvailable for: macOS Mojave 10.14.4 and later\nImpact: Compiling code without proper input validation could lead to\narbitrary code execution with user privilege\nDescription: Multiple issues in ld64 in the Xcode toolchains were\naddressed by updating to version ld64-507.4. \nCVE-2019-8721: Pan ZhenPeng of Qihoo 360 Nirvan Team\nCVE-2019-8722: Pan ZhenPeng of Qihoo 360 Nirvan Team\nCVE-2019-8723: Pan ZhenPeng of Qihoo 360 Nirvan Team\nCVE-2019-8724: Pan ZhenPeng of Qihoo 360 Nirvan Team\n\notool\nAvailable for: macOS Mojave 10.14.4 and later\nImpact: Processing a maliciously crafted file may lead to arbitrary\ncode execution\nDescription: A memory corruption issue was addressed with improved\nstate management. \nCVE-2019-8738: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team\nCVE-2019-8739: Pan ZhenPeng (@Peterpan0927) of Qihoo 360 Nirvan Team\n\nInstallation note:\n\nXcode 11.0 may be obtained from:\n\nhttps://developer.apple.com/xcode/downloads/\n\nTo check that the Xcode has been updated:\n\n* Select Xcode in the menu bar\n* Select About Xcode\n* The version after applying this update will be \"11.0\". -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\n==================================================================== \nRed Hat Security Advisory\n\nSynopsis: Important: libssh2 security update\nAdvisory ID: RHSA-2019:0679-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2019:0679\nIssue date: 2019-03-28\nCVE Names: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857\n CVE-2019-3863\n====================================================================\n1. 
Summary:\n\nAn update for libssh2 is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client (v. 7) - x86_64\nRed Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux ComputeNode (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - noarch, x86_64\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - aarch64, ppc64le, s390x\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, noarch, ppc64le, s390x\n\n3. Description:\n\nThe libssh2 packages provide a library that implements the SSH2 protocol. \n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing these updated packages, all running applications using\nlibssh2 must be restarted for this update to take effect. \n\n5. Package List:\n\nRed Hat Enterprise Linux Client (v. 7):\n\nSource:\nlibssh2-1.4.3-12.el7_6.2.src.rpm\n\nx86_64:\nlibssh2-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Client Optional (v. 
7):\n\nnoarch:\nlibssh2-docs-1.4.3-12.el7_6.2.noarch.rpm\n\nx86_64:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode (v. 7):\n\nSource:\nlibssh2-1.4.3-12.el7_6.2.src.rpm\n\nx86_64:\nlibssh2-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nnoarch:\nlibssh2-docs-1.4.3-12.el7_6.2.noarch.rpm\n\nx86_64:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nlibssh2-1.4.3-12.el7_6.2.src.rpm\n\nppc64:\nlibssh2-1.4.3-12.el7_6.2.ppc.rpm\nlibssh2-1.4.3-12.el7_6.2.ppc64.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc64.rpm\n\nppc64le:\nlibssh2-1.4.3-12.el7_6.2.ppc64le.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm\n\ns390x:\nlibssh2-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-1.4.3-12.el7_6.2.s390x.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm\n\nx86_64:\nlibssh2-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 
7):\n\nSource:\nlibssh2-1.4.3-12.el7_6.2.src.rpm\n\naarch64:\nlibssh2-1.4.3-12.el7_6.2.aarch64.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.aarch64.rpm\n\nppc64le:\nlibssh2-1.4.3-12.el7_6.2.ppc64le.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm\n\ns390x:\nlibssh2-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-1.4.3-12.el7_6.2.s390x.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nnoarch:\nlibssh2-docs-1.4.3-12.el7_6.2.noarch.rpm\n\nppc64:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc64.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.ppc.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.ppc64.rpm\n\nppc64le:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.ppc64le.rpm\n\ns390x:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.s390x.rpm\n\nx86_64:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):\n\naarch64:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.aarch64.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.aarch64.rpm\n\nnoarch:\nlibssh2-docs-1.4.3-12.el7_6.2.noarch.rpm\n\nppc64le:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.ppc64le.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.ppc64le.rpm\n\ns390x:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.s390x.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.s390.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.s390x.rpm\n\nRed Hat Enterprise Linux Workstation (v. 
7):\n\nSource:\nlibssh2-1.4.3-12.el7_6.2.src.rpm\n\nx86_64:\nlibssh2-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nnoarch:\nlibssh2-docs-1.4.3-12.el7_6.2.noarch.rpm\n\nx86_64:\nlibssh2-debuginfo-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-debuginfo-1.4.3-12.el7_6.2.x86_64.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.i686.rpm\nlibssh2-devel-1.4.3-12.el7_6.2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2019-3855\nhttps://access.redhat.com/security/cve/CVE-2019-3856\nhttps://access.redhat.com/security/cve/CVE-2019-3857\nhttps://access.redhat.com/security/cve/CVE-2019-3863\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is <secalert@redhat.com>. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2019 Red Hat, Inc. 
\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIVAwUBXJznXNzjgjWX9erEAQiaLQ/+NOZQa78T9tZT0qw516dUqmfm8y03YJDd\nLDgRcAbSQIlYF59kO4SxBZ13APCc8ippJXzSeBS49AeQLdesjaj3bYnWXeAiDwIE\nwE2zqYhjBH3YUW8vmoP26sC4Ov8rijsevHQcn7PcRiTrR/gSdzU59LkxouyWokAC\nnFVzke+D7aQMFv6mo9EbEEH1Q85/WIfJKKB4XuCHM13L1ohLuVVQnsjxwZtq8hev\nFCQp1moLuyyvDGjEa0lhp05gqIoDGPccpAzlcbz/HWgkb/6nGOQeTsGkN4MPCqbA\nO5YilLdgg3/HASMhtWopCgLQucDI6UEdA4sqAmQFJT5sB19kfJVRDQYSKIim8Tno\n7DICVw0x5p4YzexurImz5tORwsAhTsKt52Z32KEgaVfZLqBwdJP+l3mQaS4H9wZ7\nz4hSB+EPaK6UbKJVq5D5/vhYJlQsSd8sDkLcz30UqNpY0o3LwqBK/8m8apikjxCu\ncdM0ykUZJsccAB0zwuteBP9dEvyUHFhSkpQgWDZIqHgOuE2jpCnIRpl3aRDgB+ND\nXkktDObjALWmIqg1Zs6+vLIDhGKG08ZNSpwaLZQrvFK59aGA/2BTDgupJh607Tv4\nD/l/yO/KxEaUQa5zsFpej2gIfIFElzZc82/ZmWaViyALtpjJ/kKdC4Fzb5PlVIuH\ntLzz6XhldNU=R5e5\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. 7.5) - noarch, ppc64, ppc64le, s390x, x86_64\n\n3. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\n- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4431-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nApril 13, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : libssh2\nCVE ID : CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858\n CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862\n CVE-2019-3863\nDebian Bug : 924965\n\nChris Coulson discovered several vulnerabilities in libssh2, a SSH2\nclient-side library, which could result in denial of service,\ninformation leaks or the execution of arbitrary code. \n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 1.7.0-1+deb9u1. 
\n\nWe recommend that you upgrade your libssh2 packages", sources: [ { db: "NVD", id: "CVE-2019-3855", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "BID", id: "107485", }, { db: "VULHUB", id: "VHN-155290", }, { db: "VULMON", id: "CVE-2019-3855", }, { db: "PACKETSTORM", id: "154655", }, { db: "PACKETSTORM", id: "152282", }, { db: "PACKETSTORM", id: "153654", }, { db: "PACKETSTORM", id: "153811", }, { db: "PACKETSTORM", id: "152509", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-3855", trust: 3.4, }, { db: "BID", id: "107485", trust: 2.1, }, { db: "PACKETSTORM", id: "152136", trust: 1.8, }, { db: "OPENWALL", id: "OSS-SECURITY/2019/03/18/3", trust: 1.8, }, { db: "JVNDB", id: "JVNDB-2019-002832", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201903-634", trust: 0.7, }, { db: "AUSCERT", id: "ESB-2019.4341", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.2340", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2021.4083", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.1274", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.4479.2", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.0911", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2020.4226", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.0996", trust: 0.6, }, { db: "AUSCERT", id: "ESB-2019.0894", trust: 0.6, }, { db: "PACKETSTORM", id: "152509", trust: 0.2, }, { db: "PACKETSTORM", id: "153654", trust: 0.2, }, { db: "PACKETSTORM", id: "154655", trust: 0.2, }, { db: "PACKETSTORM", id: "152282", trust: 0.2, }, { db: "PACKETSTORM", id: "153811", trust: 0.2, }, { db: "PACKETSTORM", id: "153510", trust: 0.1, }, { db: "PACKETSTORM", id: "153969", trust: 0.1, }, { db: "VULHUB", id: "VHN-155290", trust: 0.1, }, { db: "VULMON", id: "CVE-2019-3855", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-155290", }, { 
db: "VULMON", id: "CVE-2019-3855", }, { db: "BID", id: "107485", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "PACKETSTORM", id: "154655", }, { db: "PACKETSTORM", id: "152282", }, { db: "PACKETSTORM", id: "153654", }, { db: "PACKETSTORM", id: "153811", }, { db: "PACKETSTORM", id: "152509", }, { db: "CNNVD", id: "CNNVD-201903-634", }, { db: "NVD", id: "CVE-2019-3855", }, ], }, id: "VAR-201903-0388", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-155290", }, ], trust: 0.01, }, last_update_date: "2024-11-29T22:03:47.806000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "[SECURITY] [DLA 1730-1] libssh2 security update", trust: 0.8, url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { title: "DSA-4431", trust: 0.8, url: "https://www.debian.org/security/2019/dsa-4431", }, { title: "FEDORA-2019-f31c14682f", trust: 0.8, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/", }, { title: "Possible integer overflow in transport read allows out-of-bounds write", trust: 0.8, url: "https://www.libssh2.org/CVE-2019-3855.html", }, { title: "NTAP-20190327-0005", trust: 0.8, url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { title: "Bug 1687303", trust: 0.8, url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855", }, { title: "RHSA-2019:0679", trust: 0.8, url: "https://access.redhat.com/errata/RHSA-2019:0679", }, { title: "libssh2 Fixes for digital error vulnerabilities", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90196", }, { title: "Red Hat: Important: libssh2 
security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191652 - Security Advisory", }, { title: "Red Hat: Important: libssh2 security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191791 - Security Advisory", }, { title: "Red Hat: Important: libssh2 security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20192399 - Security Advisory", }, { title: "Red Hat: Important: libssh2 security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20190679 - Security Advisory", }, { title: "Red Hat: Important: libssh2 security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191943 - Security Advisory", }, { title: "Debian CVElist Bug Report Logs: libssh2: CVE-2019-13115", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=fae8ca9a607a0d36a41864075e4d1739", }, { title: "Arch Linux Issues: ", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2019-3855", }, { title: "Red Hat: Important: virt:rhel security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories&qid=RHSA-20191175 - Security Advisory", }, { title: "Amazon Linux AMI: ALAS-2019-1254", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2019-1254", }, { title: "Amazon Linux 2: ALAS2-2019-1199", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2019-1199", }, { title: "IBM: IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities (CVE-2019-3855, CVE-2019-3856, CVE-2019-3857, CVE-2019-3863)", trust: 0.1, url: 
"https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=90ea192442f00a544f31c35e3585a0e6", }, { title: "Debian CVElist Bug Report Logs: libssh2: CVE-2019-3855 CVE-2019-3856 CVE-2019-3857 CVE-2019-3858 CVE-2019-3859 CVE-2019-3860 CVE-2019-3861 CVE-2019-3862 CVE-2019-3863", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=00191547a456d0cf5c7b101c1774a050", }, { title: "Debian Security Advisories: DSA-4431-1 libssh2 -- security update", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories&qid=32e9048e9588619b2dfacda6369a23ee", }, { title: "IBM: IBM Security Bulletin: IBM QRadar Network Security is affected by multiple libssh2 vulnerabilities (CVE-2019-3863, CVE-2019-3857, CVE-2019-3856, CVE-2019-3855)", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=55b92934c6d6315aa40e8be4ce2a8bf4", }, { title: "IBM: IBM Security Bulletin: Vulnerabiliies in libssh2 affect PowerKVM", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=6e0e5e527a9204c06a52ef667608c6e8", }, { title: "Arch Linux Advisories: [ASA-201903-13] libssh2: multiple issues", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201903-13", }, { title: "Oracle VM Server for x86 Bulletins: Oracle VM Server for x86 Bulletin - July 2019", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_vm_server_for_x86_bulletins&qid=b76ca4c2e9a0948d77d969fddc7b121b", }, { title: "Oracle Linux Bulletins: Oracle Linux Bulletin - April 2019", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=0cf12ffad0c479958deb0741d0970b4e", }, { title: "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2019", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins&qid=767e8ff3a913d6c9b177c63c24420933", }, { title: "IBM: IBM Security Bulletin: Vyatta 5600 vRouter Software Patches – Release 1801-z", trust: 
0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=4ef3e54cc5cdc194f0526779f9480f89", }, { title: "Fortinet Security Advisories: libssh2 integer overflow and out of bounds read/write vulnerabilities", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=fortinet_security_advisories&qid=FG-IR-19-099", }, { title: "IBM: IBM Security Bulletin: Multiple Security vulnerabilities have been fixed in the IBM Security Access Manager Appliance", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=1519a5f830589c3bab8a20f4163374ae", }, { title: "Siemens Security Advisories: Siemens Security Advisory", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=ec6577109e640dac19a6ddb978afe82d", }, { title: "TrivyWeb", trust: 0.1, url: "https://github.com/KorayAgaya/TrivyWeb ", }, { title: "github_aquasecurity_trivy", trust: 0.1, url: "https://github.com/back8/github_aquasecurity_trivy ", }, { title: "trivy", trust: 0.1, url: "https://github.com/simiyo/trivy ", }, { title: "security", trust: 0.1, url: "https://github.com/umahari/security ", }, { title: "", trust: 0.1, url: "https://github.com/Mohzeela/external-secret ", }, { title: "Vulnerability-Scanner-for-Containers", trust: 0.1, url: "https://github.com/t31m0/Vulnerability-Scanner-for-Containers ", }, { title: "trivy", trust: 0.1, url: "https://github.com/siddharthraopotukuchi/trivy ", }, { title: "trivy", trust: 0.1, url: "https://github.com/aquasecurity/trivy ", }, { title: "trivy", trust: 0.1, url: "https://github.com/knqyf263/trivy ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/developer3000S/PoC-in-GitHub ", }, { title: "CVE-POC", trust: 0.1, url: "https://github.com/0xT11/CVE-POC ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/nomi-sec/PoC-in-GitHub ", }, { title: "PoC-in-GitHub", trust: 0.1, url: "https://github.com/hectorgie/PoC-in-GitHub ", }, ], sources: [ { db: "VULMON", id: "CVE-2019-3855", 
}, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "CNNVD", id: "CNNVD-201903-634", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-190", trust: 1.9, }, { problemtype: "CWE-787", trust: 1.1, }, ], sources: [ { db: "VULHUB", id: "VHN-155290", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "NVD", id: "CVE-2019-3855", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 3, url: "http://packetstormsecurity.com/files/152136/slackware-security-advisory-libssh2-updates.html", }, { trust: 2.4, url: "http://www.securityfocus.com/bid/107485", }, { trust: 2.4, url: "https://www.debian.org/security/2019/dsa-4431", }, { trust: 2.1, url: "https://www.libssh2.org/cve-2019-3855.html", }, { trust: 1.9, url: "https://access.redhat.com/errata/rhsa-2019:0679", }, { trust: 1.9, url: "https://access.redhat.com/errata/rhsa-2019:1791", }, { trust: 1.9, url: "https://access.redhat.com/errata/rhsa-2019:1943", }, { trust: 1.9, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3855", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/mar/25", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/apr/25", }, { trust: 1.8, url: "https://seclists.org/bugtraq/2019/sep/49", }, { trust: 1.8, url: "https://bugzilla.redhat.com/show_bug.cgi?id=cve-2019-3855", }, { trust: 1.8, url: "https://security.netapp.com/advisory/ntap-20190327-0005/", }, { trust: 1.8, url: "https://support.apple.com/kb/ht210609", }, { trust: 1.8, url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767", }, { trust: 1.8, url: "http://seclists.org/fulldisclosure/2019/sep/42", 
}, { trust: 1.8, url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html", }, { trust: 1.8, url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html", }, { trust: 1.8, url: "http://www.openwall.com/lists/oss-security/2019/03/18/3", }, { trust: 1.8, url: "https://access.redhat.com/errata/rhsa-2019:1175", }, { trust: 1.8, url: "https://access.redhat.com/errata/rhsa-2019:1652", }, { trust: 1.8, url: "https://access.redhat.com/errata/rhsa-2019:2399", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html", }, { trust: 1.8, url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/xcwea5zclkrduk62qvvymfwlwkopx3lo/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5dk6vo2ceutajfyikwnzkekymyr3no2o/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6lunhpw64igcasz4jq2j5kdxnzn53dww/", }, { trust: 1.1, url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/m7if3lnhoa75o4wzwihjlirma5ljued3/", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-3855", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5dk6vo2ceutajfyikwnzkekymyr3no2o/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/m7if3lnhoa75o4wzwihjlirma5ljued3/", }, { trust: 0.7, url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6lunhpw64igcasz4jq2j5kdxnzn53dww/", }, { trust: 0.7, url: 
"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/xcwea5zclkrduk62qvvymfwlwkopx3lo/", }, { trust: 0.6, url: "https://access.redhat.com/security/cve/cve-2019-3855", }, { trust: 0.6, url: "https://access.redhat.com/security/cve/cve-2019-3856", }, { trust: 0.6, url: "https://access.redhat.com/security/cve/cve-2019-3857", }, { trust: 0.6, url: "https://access.redhat.com/security/cve/cve-2019-3863", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-20190655-1.html", }, { trust: 0.6, url: "https://fortiguard.com/psirt/fg-ir-19-099", }, { trust: 0.6, url: "https://lists.debian.org/debian-lts-announce/2019/01/msg00028.html", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/1115655", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/1115643", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/1115649", }, { trust: 0.6, url: "https://www.suse.com/support/update/announcement/2019/suse-su-201913982-1.html", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/6520674", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/libssh2-multiple-vulnerabilities-28768", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/77838", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/1120209", }, { trust: 0.6, url: "https://support.apple.com/en-us/ht210609", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/1116357", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.2340/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2020.4226/", }, { trust: 0.6, url: "https://www.ibm.com/support/pages/node/1170634", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/79010", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2019.4341/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/77478", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/77406", }, { trust: 0.6, 
url: "https://www.auscert.org.au/bulletins/esb-2019.4479.2/", }, { trust: 0.6, url: "https://www.ibm.com/blogs/psirt/security-bulletin-ibm-integrated-management-module-ii-imm2-is-affected-by-multiple-vulnerabilities-in-libssh2/", }, { trust: 0.6, url: "https://www.auscert.org.au/bulletins/esb-2021.4083", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3856", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3857", }, { trust: 0.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3863", }, { trust: 0.3, url: "http://www.libssh2.org/", }, { trust: 0.3, url: "https://www.libssh2.org/changes.html", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-3858", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-3859", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-3860", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-3861", }, { trust: 0.3, url: "https://access.redhat.com/security/cve/cve-2019-3862", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3856.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3857.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3858.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3859.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3860.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3861.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3862.html", }, { trust: 0.3, url: "https://www.libssh2.org/cve-2019-3863.html", }, { trust: 0.3, url: "https://www.redhat.com/mailman/listinfo/rhsa-announce", }, { trust: 0.3, url: "https://bugzilla.redhat.com/):", }, { trust: 0.3, url: "https://access.redhat.com/security/team/key/", }, { trust: 0.3, url: "https://access.redhat.com/articles/11258", }, { trust: 0.3, url: "https://access.redhat.com/security/updates/classification/#important", }, { trust: 0.3, url: 
"https://access.redhat.com/security/team/contact/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/787.html", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/190.html", }, { trust: 0.1, url: "https://tools.cisco.com/security/center/viewalert.x?alertid=59797", }, { trust: 0.1, url: "https://nvd.nist.gov", }, { trust: 0.1, url: "https://github.com/korayagaya/trivyweb", }, { trust: 0.1, url: "https://support.apple.com/kb/ht201222", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8724", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8723", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8738", }, { trust: 0.1, url: "https://www.apple.com/support/security/pgp/", }, { trust: 0.1, url: "https://developer.apple.com/xcode/downloads/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8722", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8721", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-8739", }, { trust: 0.1, url: "https://security-tracker.debian.org/tracker/libssh2", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3859", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3860", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3861", }, { trust: 0.1, url: "https://www.debian.org/security/faq", }, { trust: 0.1, url: "https://www.debian.org/security/", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3862", }, { trust: 0.1, url: "https://nvd.nist.gov/vuln/detail/cve-2019-3858", }, ], sources: [ { db: "VULHUB", id: "VHN-155290", }, { db: "VULMON", id: "CVE-2019-3855", }, { db: "BID", id: "107485", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "PACKETSTORM", id: "154655", }, { db: "PACKETSTORM", id: "152282", }, { db: "PACKETSTORM", id: "153654", }, { db: "PACKETSTORM", id: "153811", }, { db: "PACKETSTORM", id: "152509", }, { db: "CNNVD", id: "CNNVD-201903-634", }, { db: 
"NVD", id: "CVE-2019-3855", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-155290", }, { db: "VULMON", id: "CVE-2019-3855", }, { db: "BID", id: "107485", }, { db: "JVNDB", id: "JVNDB-2019-002832", }, { db: "PACKETSTORM", id: "154655", }, { db: "PACKETSTORM", id: "152282", }, { db: "PACKETSTORM", id: "153654", }, { db: "PACKETSTORM", id: "153811", }, { db: "PACKETSTORM", id: "152509", }, { db: "CNNVD", id: "CNNVD-201903-634", }, { db: "NVD", id: "CVE-2019-3855", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-03-21T00:00:00", db: "VULHUB", id: "VHN-155290", }, { date: "2019-03-21T00:00:00", db: "VULMON", id: "CVE-2019-3855", }, { date: "2019-03-18T00:00:00", db: "BID", id: "107485", }, { date: "2019-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2019-002832", }, { date: "2019-09-29T10:11:11", db: "PACKETSTORM", id: "154655", }, { date: "2019-03-28T16:23:48", db: "PACKETSTORM", id: "152282", }, { date: "2019-07-16T20:10:44", db: "PACKETSTORM", id: "153654", }, { date: "2019-07-30T18:13:57", db: "PACKETSTORM", id: "153811", }, { date: "2019-04-15T16:33:02", db: "PACKETSTORM", id: "152509", }, { date: "2019-03-19T00:00:00", db: "CNNVD", id: "CNNVD-201903-634", }, { date: "2019-03-21T21:29:00.433000", db: "NVD", id: "CVE-2019-3855", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2020-10-15T00:00:00", db: "VULHUB", id: "VHN-155290", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2019-3855", }, { date: "2019-03-18T00:00:00", db: "BID", id: "107485", }, { date: "2019-04-24T00:00:00", db: "JVNDB", id: "JVNDB-2019-002832", }, { date: "2021-12-03T00:00:00", db: "CNNVD", id: "CNNVD-201903-634", }, { date: 
"2024-11-21T04:42:43.427000", db: "NVD", id: "CVE-2019-3855", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201903-634", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "libssh2 Integer overflow vulnerability", sources: [ { db: "JVNDB", id: "JVNDB-2019-002832", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-201903-634", }, ], trust: 0.6, }, }