Vulnerabilities > CVE-2014-0017 - Cryptographic Issues vulnerability in Libssh
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 13 |
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Nessus
NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201408-03.NASL description The remote host is affected by the vulnerability described in GLSA-201408-03 (LibSSH: Information disclosure) A new connection inherits the state of the PRNG without re-seeding with random data. Impact : Servers using ECC (ECDSA) or DSA certificates in non-deterministic mode may under certain conditions leak their private key. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 77112 published 2014-08-11 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/77112 title GLSA-201408-03 : LibSSH: Information disclosure code # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Gentoo Linux Security Advisory GLSA 201408-03. # # The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc. # and licensed under the Creative Commons - Attribution / Share Alike # license. See http://creativecommons.org/licenses/by-sa/3.0/ # include("compat.inc"); if (description) { script_id(77112); script_version("1.4"); script_cvs_date("Date: 2018/12/05 20:31:22"); script_cve_id("CVE-2014-0017"); script_bugtraq_id(65963); script_xref(name:"GLSA", value:"201408-03"); script_name(english:"GLSA-201408-03 : LibSSH: Information disclosure"); script_summary(english:"Checks for updated package(s) in /var/db/pkg"); script_set_attribute( attribute:"synopsis", value: "The remote Gentoo host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "The remote host is affected by the vulnerability described in GLSA-201408-03 (LibSSH: Information disclosure) A new connection inherits the state of the PRNG without re-seeding with random data. Impact : Servers using ECC (ECDSA) or DSA certificates in non-deterministic mode may under certain conditions leak their private key. Workaround : There is no known workaround at this time." ); script_set_attribute( attribute:"see_also", value:"https://security.gentoo.org/glsa/201408-03" ); script_set_attribute( attribute:"solution", value: "All LibSSH users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-libs/libssh-0.6.3'" ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:gentoo:linux:libssh"); script_set_attribute(attribute:"cpe", value:"cpe:/o:gentoo:linux"); script_set_attribute(attribute:"patch_publication_date", value:"2014/08/10"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/08/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Gentoo Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("qpkg.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Gentoo/release")) audit(AUDIT_OS_NOT, "Gentoo"); if (!get_kb_item("Host/Gentoo/qpkg-list")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (qpkg_check(package:"net-libs/libssh", unaffected:make_list("ge 0.6.3"), vulnerable:make_list("lt 0.6.3"))) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get()); else security_note(0); exit(0); } else { tested = qpkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "LibSSH"); }
NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2015-086.NASL description Updated libssh packages fix security vulnerabilities : When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn last seen 2020-06-01 modified 2020-06-02 plugin id 82339 published 2015-03-30 reporter This script is Copyright (C) 2015-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/82339 title Mandriva Linux Security Advisory : libssh (MDVSA-2015:086) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandriva Linux Security Advisory MDVSA-2015:086. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(82339); script_version("1.3"); script_cvs_date("Date: 2019/08/02 13:32:56"); script_cve_id("CVE-2014-0017", "CVE-2014-8132"); script_xref(name:"MDVSA", value:"2015:086"); script_name(english:"Mandriva Linux Security Advisory : libssh (MDVSA-2015:086)"); script_summary(english:"Checks rpm output for the updated packages"); script_set_attribute( attribute:"synopsis", value: "The remote Mandriva Linux host is missing one or more security updates." ); script_set_attribute( attribute:"description", value: "Updated libssh packages fix security vulnerabilities : When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id (getpid) to the PRNG state, which is not guaranteed to be unique. The most important consequence is that servers using EC (ECDSA) or DSA certificates may under certain conditions leak their private key (CVE-2014-0017). Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet (CVE-2014-8132)." ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2014-0119.html" ); script_set_attribute( attribute:"see_also", value:"http://advisories.mageia.org/MGASA-2015-0014.html" ); script_set_attribute( attribute:"solution", value:"Update the affected lib64ssh-devel and / or lib64ssh4 packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ssh-devel"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:lib64ssh4"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:business_server:2"); script_set_attribute(attribute:"patch_publication_date", value:"2015/03/28"); script_set_attribute(attribute:"plugin_publication_date", value:"2015/03/30"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2015-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64ssh-devel-0.5.5-2.1.mbs2")) flag++; if (rpm_check(release:"MDK-MBS2", cpu:"x86_64", reference:"lib64ssh4-0.5.5-2.1.mbs2")) flag++; if (flag) { if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get()); else security_warning(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Debian Local Security Checks NASL id DEBIAN_DSA-2879.NASL description It was discovered that libssh, a tiny C SSH library, did not reset the state of the PRNG after accepting a connection. A server mode application that forks itself to handle incoming connections could see its children sharing the same PRNG state, resulting in a cryptographic weakness and possibly the recovery of the private key. last seen 2020-03-17 modified 2014-03-14 plugin id 72994 published 2014-03-14 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72994 title Debian DSA-2879-1 : libssh - security update code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Debian Security Advisory DSA-2879. The text # itself is copyright (C) Software in the Public Interest, Inc. # include("compat.inc"); if (description) { script_id(72994); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2014-0017"); script_bugtraq_id(63445, 63888, 63890, 63931, 63983, 64111, 65963); script_xref(name:"DSA", value:"2879"); script_name(english:"Debian DSA-2879-1 : libssh - security update"); script_summary(english:"Checks dpkg output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Debian host is missing a security-related update." ); script_set_attribute( attribute:"description", value: "It was discovered that libssh, a tiny C SSH library, did not reset the state of the PRNG after accepting a connection. A server mode application that forks itself to handle incoming connections could see its children sharing the same PRNG state, resulting in a cryptographic weakness and possibly the recovery of the private key." ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/squeeze/libssh" ); script_set_attribute( attribute:"see_also", value:"https://packages.debian.org/source/wheezy/libssh" ); script_set_attribute( attribute:"see_also", value:"https://www.debian.org/security/2014/dsa-2879" ); script_set_attribute( attribute:"solution", value: "Upgrade the libssh packages. For the oldstable distribution (squeeze), this problem has been fixed in version 0.4.5-3+squeeze2. For the stable distribution (wheezy), this problem has been fixed in version 0.5.4-1+deb7u1." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:ND/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:libssh"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:6.0"); script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:7.0"); script_set_attribute(attribute:"patch_publication_date", value:"2014/03/13"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/14"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Debian Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/Debian/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("debian_package.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Debian/release")) audit(AUDIT_OS_NOT, "Debian"); if (!get_kb_item("Host/Debian/dpkg-l")) audit(AUDIT_PACKAGE_LIST_MISSING); flag = 0; if (deb_check(release:"6.0", prefix:"libssh-4", reference:"0.4.5-3+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"libssh-dbg", reference:"0.4.5-3+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"libssh-dev", reference:"0.4.5-3+squeeze2")) flag++; if (deb_check(release:"6.0", prefix:"libssh-doc", reference:"0.4.5-3+squeeze2")) flag++; if (deb_check(release:"7.0", prefix:"libssh-4", reference:"0.5.4-1+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libssh-dbg", reference:"0.5.4-1+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libssh-dev", reference:"0.5.4-1+deb7u1")) flag++; if (deb_check(release:"7.0", prefix:"libssh-doc", reference:"0.5.4-1+deb7u1")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:deb_report_get()); else security_note(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
NASL family Fedora Local Security Checks NASL id FEDORA_2014-3473.NASL description Fix CVE-2014-0017. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-03-07 plugin id 72871 published 2014-03-07 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72871 title Fedora 20 : libssh-0.6.3-1.fc20 (2014-3473) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Fedora Security Advisory 2014-3473. # include("compat.inc"); if (description) { script_id(72871); script_version("1.6"); script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/12"); script_cve_id("CVE-2014-0017"); script_bugtraq_id(65963); script_xref(name:"FEDORA", value:"2014-3473"); script_name(english:"Fedora 20 : libssh-0.6.3-1.fc20 (2014-3473)"); script_summary(english:"Checks rpm output for the updated package."); script_set_attribute( attribute:"synopsis", value:"The remote Fedora host is missing a security update." ); script_set_attribute( attribute:"description", value: "Fix CVE-2014-0017. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1072191" ); # https://lists.fedoraproject.org/pipermail/package-announce/2014-March/129556.html script_set_attribute( attribute:"see_also", value:"http://www.nessus.org/u?1a160f17" ); script_set_attribute( attribute:"solution", value:"Update the affected libssh package." ); script_set_cvss_base_vector("CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:N"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fedoraproject:fedora:libssh"); script_set_attribute(attribute:"cpe", value:"cpe:/o:fedoraproject:fedora:20"); script_set_attribute(attribute:"patch_publication_date", value:"2014/03/06"); script_set_attribute(attribute:"plugin_publication_date", value:"2014/03/07"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Fedora Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Fedora" >!< release) audit(AUDIT_OS_NOT, "Fedora"); os_ver = eregmatch(pattern: "Fedora.*release ([0-9]+)", string:release); if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Fedora"); os_ver = os_ver[1]; if (! ereg(pattern:"^20([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Fedora 20.x", "Fedora " + os_ver); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Fedora", cpu); flag = 0; if (rpm_check(release:"FC20", reference:"libssh-0.6.3-1.fc20")) flag++; if (flag) { if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get()); else security_note(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh"); }
NASL family Fedora Local Security Checks NASL id FEDORA_2014-3485.NASL description Fix CVE-2014-0017. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-17 modified 2014-03-17 plugin id 73037 published 2014-03-17 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73037 title Fedora 19 : libssh-0.6.3-1.fc19 (2014-3485) NASL family Mandriva Local Security Checks NASL id MANDRIVA_MDVSA-2014-053.NASL description Updated libssh package fixes security vulnerability : When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn last seen 2020-06-01 modified 2020-06-02 plugin id 73000 published 2014-03-14 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/73000 title Mandriva Linux Security Advisory : libssh (MDVSA-2014:053) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_F8C88D505FB311E481BD5453ED2E2B49.NASL description Aris Adamantiadis reports : When accepting a new connection, the server forks and the child process handles the request. The RAND_bytes() function of openssl doesn last seen 2020-06-01 modified 2020-06-02 plugin id 78730 published 2014-10-30 reporter This script is Copyright (C) 2014-2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/78730 title FreeBSD : libssh -- PRNG state reuse on forking servers (f8c88d50-5fb3-11e4-81bd-5453ed2e2b49) NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2015-111-04.NASL description New libssh packages are available for Slackware 14.0, 14.1, and -current to fix security issues. last seen 2020-06-01 modified 2020-06-02 plugin id 82917 published 2015-04-22 reporter This script is Copyright (C) 2015-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/82917 title Slackware 14.0 / 14.1 / current : libssh (SSA:2015-111-04) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-2145-1.NASL description Aris Adamantiadis discovered that libssh allowed the OpenSSL PRNG state to be reused when implementing forking servers. This could allow an attacker to possibly obtain information about the state of the PRNG and perform cryptographic attacks. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-18 modified 2014-03-13 plugin id 72980 published 2014-03-13 reporter Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/72980 title Ubuntu 12.04 LTS / 12.10 / 13.10 : libssh vulnerability (USN-2145-1) NASL family SuSE Local Security Checks NASL id SUSE_11_LIBSSH2-140307.NASL description This update of libssh fixes the following security issue : - When libssh operates in server mode, the randomness pool was not switched on fork, so two pools could operate on the same randomness and could generate the same keys. last seen 2020-06-05 modified 2014-03-21 plugin id 73130 published 2014-03-21 reporter This script is Copyright (C) 2014-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/73130 title SuSE 11.3 Security Update : libssh2 (SAT Patch Number 8982) NASL family SuSE Local Security Checks NASL id OPENSUSE-2014-208.NASL description libssh was updated to fix a random generator reseeding issue when forking multiple servers. Forking multiple servers might under some circumstances get them the same random seed state. last seen 2020-06-05 modified 2014-06-13 plugin id 75290 published 2014-06-13 reporter This script is Copyright (C) 2014-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75290 title openSUSE Security Update : libssh (openSUSE-SU-2014:0366-1)
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 65963 CVE(CAN) ID: CVE-2014-0017 libssh 是一个用以访问SSH服务的C语言开发包,通过它可以执行远程命令、文件传输,同时为远程的程序提供安全的传输通道。 Libssh 0.6.3之前版本工作流处理新请求时没有正确初始化PRNG状态,攻击者通过中间人攻击,利用此漏洞可获取并操纵用户的通讯。 0 libssh libssh < 0.6.3 厂商补丁: libssh ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/ |
id | SSV:61681 |
last seen | 2017-11-19 |
modified | 2014-03-07 |
published | 2014-03-07 |
reporter | Root |
title | Libssh随机号码生成器漏洞(CVE-2014-0017) |
References
- http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html
- http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html
- http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html
- http://secunia.com/advisories/57407
- http://secunia.com/advisories/57407
- http://www.debian.org/security/2014/dsa-2879
- http://www.debian.org/security/2014/dsa-2879
- http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/
- http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release/
- http://www.openwall.com/lists/oss-security/2014/03/05/1
- http://www.openwall.com/lists/oss-security/2014/03/05/1
- http://www.ubuntu.com/usn/USN-2145-1
- http://www.ubuntu.com/usn/USN-2145-1
- https://bugzilla.redhat.com/show_bug.cgi?id=1072191
- https://bugzilla.redhat.com/show_bug.cgi?id=1072191