Download
| Alert*
oval:org.secpod.oval:def:108538
libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER*, SECSH-DHGEX, and SECSH-NUMBERS. oval:org.secpod.oval:def:204228 The libssh2 packages provide a library that implements the SSH2 protocol. A flaw was found in the way the kex_agree_methods function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting l ... oval:org.secpod.oval:def:501712 The libssh2 packages provide a library that implements the SSH2 protocol. A flaw was found in the way the kex_agree_methods function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting l ... oval:org.secpod.oval:def:1501246 The remote host is missing a patch containing a security fix, which affects the following package(s): libssh2 oval:org.secpod.oval:def:108573 libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER*, SECSH-DHGEX, and SECSH-NUMBERS. oval:org.secpod.oval:def:116213 libssh2 is a library implementing the SSH2 protocol as defined by Internet Drafts: SECSH-TRANS, SECSH-USERAUTH, SECSH-CONNECTION, SECSH-ARCH, SECSH-FILEXFER*, SECSH-DHGEX, and SECSH-NUMBERS. oval:org.secpod.oval:def:1801361 CVE-2019-3855: Possible integer overflow in transport read allows out-of-bounds write Affected versions: all versions to and including 1.8.0 Not affected versions: libssh2 oval:org.secpod.oval:def:205182 The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix: * libssh2: Integer overflow in transport read resulting in out of bounds write * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write * libssh2: Integer overflow in SSH pa ... oval:org.secpod.oval:def:1700160 An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.An integer overflow flaw ... oval:org.secpod.oval:def:502714 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... |