Vulnerabilities > CVE-2019-3857 - Integer Overflow or Wraparound vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset such as size of memory allocation or similarly. The attacker would typically control the value of such variable and try to get it out of range. For instance the integer in question is incremented past the maximum possible value, it may wrap to become a very small, or negative number, therefore providing a very incorrect value which can lead to unexpected behavior. At worst the attacker can execute arbitrary code.

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1652.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126453
    published2019-07-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126453
    titleRHEL 6 : libssh2 (RHSA-2019:1652)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:1652. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126453);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863");
      script_xref(name:"RHSA", value:"2019:1652");
    
      script_name(english:"RHEL 6 : libssh2 (RHSA-2019:1652)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for libssh2 is now available for Red Hat Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The libssh2 packages provide a library that implements the SSH2
    protocol.
    
    Security Fix(es) :
    
    * libssh2: Integer overflow in transport read resulting in out of
    bounds write (CVE-2019-3855)
    
    * libssh2: Integer overflow in keyboard interactive handling resulting
    in out of bounds write (CVE-2019-3856)
    
    * libssh2: Integer overflow in SSH packet processing channel resulting
    in out of bounds write (CVE-2019-3857)
    
    * libssh2: Integer overflow in user authenticate keyboard interactive
    allows out-of-bounds writes (CVE-2019-3863)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:1652"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3855"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3856"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3857"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3863"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-docs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:1652";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"libssh2-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libssh2-debuginfo-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libssh2-devel-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2 / libssh2-debuginfo / libssh2-devel / libssh2-docs");
      }
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190702_LIBSSH2_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863)
    last seen2020-03-18
    modified2019-07-03
    plugin id126454
    published2019-07-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126454
    titleScientific Linux Security Update : libssh2 on SL6.x i386/x86_64 (20190702)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126454);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863");
    
      script_name(english:"Scientific Linux Security Update : libssh2 on SL6.x i386/x86_64 (20190702)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - libssh2: Integer overflow in transport read resulting in
        out of bounds write (CVE-2019-3855)
    
      - libssh2: Integer overflow in keyboard interactive
        handling resulting in out of bounds write
        (CVE-2019-3856)
    
      - libssh2: Integer overflow in SSH packet processing
        channel resulting in out of bounds write (CVE-2019-3857)
    
      - libssh2: Integer overflow in user authenticate keyboard
        interactive allows out-of-bounds writes (CVE-2019-3863)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1907&L=SCIENTIFIC-LINUX-ERRATA&P=1778
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?bf81a233"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2-docs");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"libssh2-1.4.2-3.el6_10.1")) flag++;
    if (rpm_check(release:"SL6", reference:"libssh2-debuginfo-1.4.2-3.el6_10.1")) flag++;
    if (rpm_check(release:"SL6", reference:"libssh2-devel-1.4.2-3.el6_10.1")) flag++;
    if (rpm_check(release:"SL6", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2 / libssh2-debuginfo / libssh2-devel / libssh2-docs");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1943.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127630
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127630
    titleRHEL 7 : libssh2 (RHSA-2019:1943)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:1943. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127630);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/06");
    
      script_cve_id("CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863");
      script_xref(name:"RHSA", value:"2019:1943");
    
      script_name(english:"RHEL 7 : libssh2 (RHSA-2019:1943)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for libssh2 is now available for Red Hat Enterprise Linux
    7.4 Extended Update Support.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The libssh2 packages provide a library that implements the SSH2
    protocol.
    
    Security Fix(es) :
    
    * libssh2: Integer overflow in transport read resulting in out of
    bounds write (CVE-2019-3855)
    
    * libssh2: Integer overflow in keyboard interactive handling resulting
    in out of bounds write (CVE-2019-3856)
    
    * libssh2: Integer overflow in SSH packet processing channel resulting
    in out of bounds write (CVE-2019-3857)
    
    * libssh2: Integer overflow in user authenticate keyboard interactive
    allows out-of-bounds writes (CVE-2019-3863)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:1943"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3855"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3856"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3857"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3863"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-docs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7\.4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.4", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:1943";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-1.4.3-11.el7_4.1")) flag++;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-debuginfo-1.4.3-11.el7_4.1")) flag++;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-devel-1.4.3-11.el7_4.1")) flag++;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-docs-1.4.3-11.el7_4.1")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2 / libssh2-debuginfo / libssh2-devel / libssh2-docs");
      }
    }
    
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0179_LIBSSH2.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.06, has libssh2 packages installed that are affected by multiple vulnerabilities: - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. (CVE-2019-3863) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id128705
    published2019-09-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128705
    titleNewStart CGSL MAIN 4.06 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0179)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from ZTE advisory NS-SA-2019-0179. The text
    # itself is copyright (C) ZTE, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128705);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/17 14:31:05");
    
      script_cve_id(
        "CVE-2019-3855",
        "CVE-2019-3856",
        "CVE-2019-3857",
        "CVE-2019-3863"
      );
      script_bugtraq_id(107485);
    
      script_name(english:"NewStart CGSL MAIN 4.06 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0179)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote machine is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The remote NewStart CGSL host, running version MAIN 4.06, has libssh2 packages installed that are affected by multiple
    vulnerabilities:
    
      - An integer overflow flaw which could lead to an out of
        bounds write was discovered in libssh2 before 1.8.1 in
        the way packets are read from the server. A remote
        attacker who compromises a SSH server may be able to
        execute code on the client system when a user connects
        to the server. (CVE-2019-3855)
    
      - An integer overflow flaw, which could lead to an out of
        bounds write, was discovered in libssh2 before 1.8.1 in
        the way keyboard prompt requests are parsed. A remote
        attacker who compromises a SSH server may be able to
        execute code on the client system when a user connects
        to the server. (CVE-2019-3856)
    
      - An integer overflow flaw which could lead to an out of
        bounds write was discovered in libssh2 before 1.8.1 in
        the way SSH_MSG_CHANNEL_REQUEST packets with an exit
        signal are parsed. A remote attacker who compromises a
        SSH server may be able to execute code on the client
        system when a user connects to the server.
        (CVE-2019-3857)
    
      - A flaw was found in libssh2 before 1.8.1. A server could
        send a multiple keyboard interactive response messages
        whose total length are greater than unsigned char max
        characters. This value is used as an index to copy
        memory causing in an out of bounds memory write error.
        (CVE-2019-3863)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0179");
      script_set_attribute(attribute:"solution", value:
    "Upgrade the vulnerable CGSL libssh2 packages. Note that updated packages may not be available yet. Please contact ZTE
    for more information.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3855");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/11");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"NewStart CGSL Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/ZTE-CGSL/release");
    if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");
    
    if (release !~ "CGSL MAIN 4.06")
      audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.06');
    
    if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);
    
    flag = 0;
    
    pkgs = {
      "CGSL MAIN 4.06": [
        "libssh2-1.4.2-3.el6_10.1",
        "libssh2-debuginfo-1.4.2-3.el6_10.1",
        "libssh2-devel-1.4.2-3.el6_10.1",
        "libssh2-docs-1.4.2-3.el6_10.1"
      ]
    };
    pkg_list = pkgs[release];
    
    foreach (pkg in pkg_list)
      if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1309.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3861) - An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124436
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124436
    titleEulerOS 2.0 SP3 : libssh2 (EulerOS-SA-2019-1309)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_6E58E1E92636413E9F844C0E21143628.NASL
    descriptionlibssh2 developers report : - Defend against possible integer overflows in comp_method_zlib_decomp. - Defend against writing beyond the end of the payload in _libssh2_transport_read(). - Sanitize padding_length - _libssh2_transport_read(). - This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent. - Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. - Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. - Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. - Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add().
    last seen2020-06-01
    modified2020-06-02
    plugin id124182
    published2019-04-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124182
    titleFreeBSD : libssh2 -- multiple issues (6e58e1e9-2636-413e-9f84-4c0e21143628)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1308.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3861) - An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124435
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124435
    titleEulerOS 2.0 SP2 : libssh2 (EulerOS-SA-2019-1308)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-0679.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id123560
    published2019-04-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123560
    titleCentOS 7 : libssh2 (CESA-2019:0679)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1075.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed: &#9; - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). - CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). - CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). - CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). - CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). - CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). - CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). - CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). Other issue addressed : - Libbssh2 will stop using keys unsupported types in the known_hosts file (bsc#1091236). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123494
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123494
    titleopenSUSE Security Update : libssh2_org (openSUSE-2019-1075)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1175.NASL
    descriptionFrom Red Hat Security Advisory 2019:1175 : An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-06-01
    modified2020-06-02
    plugin id127584
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127584
    titleOracle Linux 8 : virt:rhel (ELSA-2019-1175) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-13982-1.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). CVE-2019-3863: Fixed an Integer overflow in user authenicate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122971
    published2019-03-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122971
    titleSUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:13982-1)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0169_LIBSSH2.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has libssh2 packages installed that are affected by multiple vulnerabilities: - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. (CVE-2019-3863) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127458
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127458
    titleNewStart CGSL MAIN 4.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0169)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1199.NASL
    descriptionAn integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) A vulnerability was found in in libssh2 where a server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857)
    last seen2020-06-01
    modified2020-06-02
    plugin id124305
    published2019-04-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124305
    titleAmazon Linux 2 : libssh2 (ALAS-2019-1199)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-3_0-0009_LIBSSH2.NASL
    descriptionAn update of the libssh2 package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id126377
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126377
    titlePhoton OS 3.0: Libssh2 PHSA-2019-3.0-0009
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2399.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127716
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127716
    titleRHEL 7 : libssh2 (RHSA-2019:2399)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-3348CB4934.NASL
    descriptionThis update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123760
    published2019-04-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123760
    titleFedora 28 : libssh2 (2019-3348cb4934)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1310.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3861) - An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124437
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124437
    titleEulerOS 2.0 SP5 : libssh2 (EulerOS-SA-2019-1310)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4431.NASL
    descriptionChris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id124039
    published2019-04-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124039
    titleDebian DSA-4431-1 : libssh2 - security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1393.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters.(CVE-2016-0787) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124896
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124896
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : libssh2 (EulerOS-SA-2019-1393)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1429.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters.(CVE-2016-0787) - A flaw was found in the way the kex_agree_methods() function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting libssh2 client.(CVE-2015-1782) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3861) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124932
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124932
    titleEulerOS Virtualization 3.0.1.0 : libssh2 (EulerOS-SA-2019-1429)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1109.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed:&#9; - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). - CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). - CVE-2019-3863: Fixed an Integer overflow in user authenicate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). - CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). - CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). - CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). - CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). - CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123656
    published2019-04-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123656
    titleopenSUSE Security Update : libssh2_org (openSUSE-2019-1109)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190328_LIBSSH2_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863)
    last seen2020-03-18
    modified2019-03-29
    plugin id123489
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123489
    titleScientific Linux Security Update : libssh2 on SL7.x x86_64 (20190328)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-077-01.NASL
    descriptionNew libssh2 packages are available for Slackware 14.2 and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122940
    published2019-03-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122940
    titleSlackware 14.2 / current : libssh2 (SSA:2019-077-01)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZLSA-2019-1652.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126505
    published2019-07-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126505
    titleVirtuozzo 6 : libssh2 / libssh2-devel / libssh2-docs (VZLSA-2019-1652)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-1652.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126480
    published2019-07-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126480
    titleCentOS 6 : libssh2 (CESA-2019:1652)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1254.NASL
    descriptionAn integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863)
    last seen2020-06-01
    modified2020-06-02
    plugin id127810
    published2019-08-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127810
    titleAmazon Linux AMI : libssh2 (ALAS-2019-1254)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0655-1.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). Other issue addressed: Libbssh2 will stop using keys unsupported types in the known_hosts file (bsc#1091236). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122997
    published2019-03-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122997
    titleSUSE SLED12 / SLES12 Security Update : libssh2_org (SUSE-SU-2019:0655-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1652.NASL
    descriptionFrom Red Hat Security Advisory 2019:1652 : An update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126451
    published2019-07-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126451
    titleOracle Linux 6 : libssh2 (ELSA-2019-1652)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1175.NASL
    descriptionAn update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-05-23
    modified2019-05-14
    plugin id125041
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125041
    titleRHEL 8 : virt:rhel (RHSA-2019:1175) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1791.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126759
    published2019-07-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126759
    titleRHEL 7 : libssh2 (RHSA-2019:1791)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-0679.NASL
    descriptionFrom Red Hat Security Advisory 2019:0679 : An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id123483
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123483
    titleOracle Linux 7 : libssh2 (ELSA-2019-0679)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0073_LIBSSH2.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libssh2 packages installed that are affected by multiple vulnerabilities: - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. (CVE-2019-3863) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127279
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127279
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0073)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1362.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124740
    published2019-05-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124740
    titleEulerOS Virtualization 2.5.3 : libssh2 (EulerOS-SA-2019-1362)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-70A9D4F970.NASL
    descriptionThis update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124503
    published2019-05-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124503
    titleFedora 30 : libssh2 (2019-70a9d4f970)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-0679.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id123486
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123486
    titleRHEL 7 : libssh2 (RHSA-2019:0679)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-F31C14682F.NASL
    descriptionThis update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123052
    published2019-03-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123052
    titleFedora 29 : libssh2 (2019-f31c14682f)

Redhat

advisories
  • rhsa
    idRHSA-2019:0679
  • rhsa
    idRHSA-2019:1175
  • rhsa
    idRHSA-2019:1652
  • rhsa
    idRHSA-2019:1791
  • rhsa
    idRHSA-2019:1943
  • rhsa
    idRHSA-2019:2399
rpms
  • libssh2-0:1.4.3-12.el7_6.2
  • libssh2-debuginfo-0:1.4.3-12.el7_6.2
  • libssh2-devel-0:1.4.3-12.el7_6.2
  • libssh2-docs-0:1.4.3-12.el7_6.2
  • SLOF-0:20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65
  • hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-debugsource-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-devel-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-bash-completion-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-benchmarking-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-benchmarking-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-debugsource-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gfs2-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-inspect-icons-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-javadoc-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-man-pages-ja-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-man-pages-uk-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-rescue-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-rsync-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-c-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-c-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-winsupport-0:8.0-2.module+el8.0.0+3075+09be6b65
  • libguestfs-xfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libiscsi-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-debuginfo-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-debugsource-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-devel-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-utils-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-utils-debuginfo-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libssh2-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libssh2-debuginfo-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libssh2-debugsource-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libvirt-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-admin-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-admin-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-bash-completion-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-client-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-client-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-config-network-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-config-nwfilter-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-interface-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-interface-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-network-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-network-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nodedev-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nodedev-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nwfilter-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nwfilter-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-qemu-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-qemu-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-secret-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-secret-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-core-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-core-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-disk-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-disk-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-gluster-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-gluster-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-iscsi-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-iscsi-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-logical-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-logical-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-mpath-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-mpath-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-rbd-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-rbd-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-scsi-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-scsi-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-kvm-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-dbus-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-dbus-debuginfo-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-dbus-debugsource-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-debugsource-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-devel-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-docs-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-libs-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-libs-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-lock-sanlock-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-lock-sanlock-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-nss-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-nss-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • lua-guestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • lua-guestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • nbdkit-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-bash-completion-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-basic-plugins-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-basic-plugins-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-debugsource-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-devel-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-example-plugins-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-example-plugins-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-gzip-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-gzip-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python-common-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python3-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python3-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-vddk-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-vddk-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-xz-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-xz-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • netcf-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-debuginfo-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-debugsource-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-devel-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-libs-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-libs-debuginfo-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Guestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Guestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-debuginfo-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-debugsource-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • perl-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • python3-libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • python3-libvirt-0:4.5.0-1.module+el8.0.0+3075+09be6b65
  • python3-libvirt-debuginfo-0:4.5.0-1.module+el8.0.0+3075+09be6b65
  • qemu-guest-agent-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-guest-agent-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-img-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-img-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-curl-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-curl-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-gluster-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-gluster-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-iscsi-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-iscsi-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-rbd-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-rbd-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-ssh-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-ssh-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-common-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-common-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-core-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-core-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-debugsource-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • ruby-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • ruby-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • ruby-libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • ruby-libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • seabios-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • seabios-bin-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • seavgabios-bin-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • sgabios-1:0.20170427git-2.module+el8.0.0+3075+09be6b65
  • sgabios-bin-1:0.20170427git-2.module+el8.0.0+3075+09be6b65
  • supermin-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-debuginfo-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-debugsource-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-devel-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • virt-dib-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-dib-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-p2v-maker-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-v2v-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-v2v-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libssh2-0:1.4.2-3.el6_10.1
  • libssh2-debuginfo-0:1.4.2-3.el6_10.1
  • libssh2-devel-0:1.4.2-3.el6_10.1
  • libssh2-docs-0:1.4.2-3.el6_10.1
  • libssh2-0:1.4.3-11.el7_5.1
  • libssh2-debuginfo-0:1.4.3-11.el7_5.1
  • libssh2-devel-0:1.4.3-11.el7_5.1
  • libssh2-docs-0:1.4.3-11.el7_5.1
  • libssh2-0:1.4.3-11.el7_4.1
  • libssh2-debuginfo-0:1.4.3-11.el7_4.1
  • libssh2-devel-0:1.4.3-11.el7_4.1
  • libssh2-docs-0:1.4.3-11.el7_4.1
  • libssh2-0:1.4.3-11.el7_3.1
  • libssh2-debuginfo-0:1.4.3-11.el7_3.1
  • libssh2-devel-0:1.4.3-11.el7_3.1
  • libssh2-docs-0:1.4.3-11.el7_3.1

The Hacker News

idTHN:B9050A4E7D2CE55A80B70F1870DE2C24
last seen2019-03-19
modified2019-03-19
published2019-03-19
reporterThe Hacker News
sourcehttps://thehackernews.com/2019/03/libssh2-vulnerabilities.html
titleLibssh Releases Update to Patch 9 New Security Vulnerabilities

References