Mandriva Linux Security Advisory 2013-045 - Multiple double free flaws, buffer overflow flaws, invalid free flaws, and improper overflow checks in libssh before 0.5.3 could enable a denial of service attack against libssh clients, or possibly arbitrary code execution. Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.
b001afcc00872bffb479840552f9f98c8e4a053611dc49aa61aa6b801599a2cbSlackware Security Advisory - New libssh packages are available for Slackware 14.0, and -current to fix a security issue.
4f29fc9ae0941903b155b4feab417794ea9f87b4fb023be631f85009a1f6ca03Mandriva Linux Security Advisory 2013-009 - The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service via a Client: Diffie-Hellman Key Exchange Init packet. The updated packages have been upgraded to the 0.5.4 version which is not affected by this issue.
73870dce1b583b2ef4bd04b7c63752c6b3bffe0ed145b165bcd9794b9ffe441bUbuntu Security Notice 1707-1 - Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.
2a67a8edbc2942f40a6dcc4eeb9ad04e3853fe87333ab4951b991ce2693bdb61
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed