Download
| Alert*
|
oval:org.secpod.oval:def:62962
libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:67975 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh . Security Fix: * libssh: denial of service when handling AES-CTR ciphers * libssh: unsanitized location ... oval:org.secpod.oval:def:504749 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. The following packages have been upgraded to a later upstream version: libssh . Security Fix: * libssh: denial of service when handling AES-CTR ciphers * libssh: unsanitized location ... oval:org.secpod.oval:def:89050223 This update for libssh fixes the following issues: - CVE-2020-1730: Fixed a possible denial of service when using AES-CTR . oval:org.secpod.oval:def:705433 libssh: A tiny C SSH library libssh could be made to crash if it received specially crafted network traffic. oval:org.secpod.oval:def:89000236 This update for libssh fixes the following issues: - CVE-2020-1730: Fixed a possible denial of service when using AES-CTR . oval:org.secpod.oval:def:1504155 [0.9.4-2] - Do not return error when server properly closed the channel - Add a test for CVE-2019-14889 - Do not parse configuration file in torture_knownhosts test [0.9.4-1] - Update to version 0.9.4 https://www.libssh.org/2020/04/09/libssh-0-9-4-and-libssh-0-8-9-security-release/ - Fixed CVE-2019 ... oval:org.secpod.oval:def:2004167 A flaw was found in libssh2-1 versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR ciphers. The server or client could crash when the connection hasn"t been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulner ... oval:org.secpod.oval:def:2500102 libssh is a library which implements the SSH protocol. It can be used to implement client and server applications. oval:org.secpod.oval:def:89051484 This update for libssh fixes the following issues: Update to version 0.9.8 : * Fix CVE-2023-6004: Command injection using proxycommand * Fix CVE-2023-48795: Potential downgrade attack using strict kex * Fix CVE-2023-6918: Missing checks for return values of MD functions * Allow @ in usernames whe ... oval:org.secpod.oval:def:89051497 This update for libssh fixes the following issues: Update to version 0.9.8 : * Fix CVE-2023-6004: Command injection using proxycommand * Fix CVE-2023-48795: Potential downgrade attack using strict kex * Fix CVE-2023-6918: Missing checks for return values of MD functions * Allow @ in usernames whe ... |
