MDVSA-2013:009 -- Mandriva libsshID: oval:org.secpod.oval:def:302995 | Date: (C)2013-02-26 (M)2021-06-02 |
Class: PATCH | Family: unix |
A vulnerability has been found and corrected in libssh: The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service via a Client: Diffie-Hellman Key Exchange Init packet. The updated packages have been upgraded to the 0.5.4 version which is not affected by this issue.
Platform: |
Mandriva Linux 2011.0 |