VuXML ID | Description |
0b040e24-f751-11e4-b24d-5453ed2e2b49 | libssh -- null pointer dereference
Andreas Schneider reports:
libssh versions 0.5.1 and above have a logical error in the
handling of a SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A
detected error did not set the session into the error state
correctly and further processed the packet which leads to a null
pointer dereference. This is the packet after the initial key
exchange and doesnât require authentication.
This could be used for a Denial of Service (DoS) attack.
Discovery 2015-04-30 Entry 2015-05-10 libssh
< 0.6.5
CVE-2015-3146
https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release
|
1e7fa41b-f6ca-4fe8-bd46-0e176b42b14f | libssh -- Unsanitized location in scp could lead to unwanted command execution
The libssh team reports:
In an environment where a user is only allowed to copy files and
not to execute applications, it would be possible to pass a location
which contains commands to be executed in additon.
When the libssh SCP client connects to a server, the scp
command, which includes a user-provided path, is executed
on the server-side. In case the library is used in a way
where users can influence the third parameter of
ssh_scp_new(), it would become possible for an attacker to
inject arbitrary commands, leading to a compromise of the
remote target.
Discovery 2019-11-14 Entry 2020-02-02 libssh
ge 0.4.0 lt 0.8.8
ge 0.9.0 lt 0.9.3
https://www.libssh.org/security/advisories/CVE-2019-14889.txt
https://nvd.nist.gov/vuln/detail/CVE-2019-14889
CVE-2019-14889
|
2383767c-d224-11e8-9623-a4badb2f4699 | libssh -- authentication bypass vulnerability
gladiac reports:
libssh versions 0.6 and above have an authentication bypass
vulnerability in the server code. By presenting the server an
SSH2_MSG_USERAUTH_SUCCESS message in place of the
SSH2_MSG_USERAUTH_REQUEST message which the server would expect to
initiate authentication, the attacker could successfully authentciate
without any credentials.
Discovery 2018-10-16 Entry 2018-10-17 libssh
ge 0.6 lt 0.7.6
ge 0.8 lt 0.8.4
https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix-release/
CVE-2018-10933
|
6b3591ea-e2d2-11e5-a6be-5453ed2e2b49 | libssh -- weak Diffie-Hellman secret generation
Andreas Schneider reports:
libssh versions 0.1 and above have a bits/bytes confusion bug and
generate an abnormally short ephemeral secret for the
diffie-hellman-group1 and diffie-hellman-group14 key exchange
methods. The resulting secret is 128 bits long, instead of the
recommended sizes of 1024 and 2048 bits respectively. There are
practical algorithms (Baby steps/Giant steps, Pollardâs rho) that can
solve this problem in O(2^63) operations.
Both client and server are are vulnerable, pre-authentication.
This vulnerability could be exploited by an eavesdropper with enough
resources to decrypt or intercept SSH sessions. The bug was found
during an internal code review by Aris Adamantiadis of the libssh
team.
Discovery 2016-02-23 Entry 2016-03-05 libssh
< 0.7.3
CVE-2016-0739
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0739
https://www.libssh.org/2016/02/23/libssh-0-7-3-security-and-bugfix-release/
|
f8c88d50-5fb3-11e4-81bd-5453ed2e2b49 | libssh -- PRNG state reuse on forking servers
Aris Adamantiadis reports:
When accepting a new connection, the server forks and the
child process handles the request. The RAND_bytes() function
of openssl doesn't reset its state after the fork, but
simply adds the current process id (getpid) to the PRNG
state, which is not guaranteed to be unique.
Discovery 2014-03-05 Entry 2014-10-29 libssh
< 0.6.3
CVE-2014-0017
http://www.openwall.com/lists/oss-security/2014/03/05/1
http://secunia.com/advisories/57407
|