Vulnerabilities > CVE-2019-3863 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
libssh2
debian
netapp
opensuse
redhat
CWE-787
nessus

Summary

A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.

Common Weakness Enumeration (CWE)

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1652.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126453
    published2019-07-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126453
    titleRHEL 6 : libssh2 (RHSA-2019:1652)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:1652. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126453);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/08");
    
      script_cve_id("CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863");
      script_xref(name:"RHSA", value:"2019:1652");
    
      script_name(english:"RHEL 6 : libssh2 (RHSA-2019:1652)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for libssh2 is now available for Red Hat Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The libssh2 packages provide a library that implements the SSH2
    protocol.
    
    Security Fix(es) :
    
    * libssh2: Integer overflow in transport read resulting in out of
    bounds write (CVE-2019-3855)
    
    * libssh2: Integer overflow in keyboard interactive handling resulting
    in out of bounds write (CVE-2019-3856)
    
    * libssh2: Integer overflow in SSH packet processing channel resulting
    in out of bounds write (CVE-2019-3857)
    
    * libssh2: Integer overflow in user authenticate keyboard interactive
    allows out-of-bounds writes (CVE-2019-3863)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:1652"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3855"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3856"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3857"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3863"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-docs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:6");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 6.x", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:1652";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL6", reference:"libssh2-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libssh2-debuginfo-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", reference:"libssh2-devel-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"i686", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"s390x", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
      if (rpm_check(release:"RHEL6", cpu:"x86_64", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2 / libssh2-debuginfo / libssh2-devel / libssh2-docs");
      }
    }
    
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190702_LIBSSH2_ON_SL6_X.NASL
    descriptionSecurity Fix(es) : - libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863)
    last seen2020-03-18
    modified2019-07-03
    plugin id126454
    published2019-07-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126454
    titleScientific Linux Security Update : libssh2 on SL6.x i386/x86_64 (20190702)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text is (C) Scientific Linux.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(126454);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/02/24");
    
      script_cve_id("CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863");
    
      script_name(english:"Scientific Linux Security Update : libssh2 on SL6.x i386/x86_64 (20190702)");
      script_summary(english:"Checks rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:
    "The remote Scientific Linux host is missing one or more security
    updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "Security Fix(es) :
    
      - libssh2: Integer overflow in transport read resulting in
        out of bounds write (CVE-2019-3855)
    
      - libssh2: Integer overflow in keyboard interactive
        handling resulting in out of bounds write
        (CVE-2019-3856)
    
      - libssh2: Integer overflow in SSH packet processing
        channel resulting in out of bounds write (CVE-2019-3857)
    
      - libssh2: Integer overflow in user authenticate keyboard
        interactive allows out-of-bounds writes (CVE-2019-3863)"
      );
      # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1907&L=SCIENTIFIC-LINUX-ERRATA&P=1778
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?bf81a233"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:fermilab:scientific_linux:libssh2-docs");
      script_set_attribute(attribute:"cpe", value:"x-cpe:/o:fermilab:scientific_linux");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/02");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/07/03");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Scientific Linux Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/RedHat/release", "Host/RedHat/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Scientific Linux " >!< release) audit(AUDIT_HOST_NOT, "running Scientific Linux");
    os_ver = pregmatch(pattern: "Scientific Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Scientific Linux");
    os_ver = os_ver[1];
    if (! preg(pattern:"^6([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Scientific Linux 6.x", "Scientific Linux " + os_ver);
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu >!< "x86_64" && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Scientific Linux", cpu);
    
    
    flag = 0;
    if (rpm_check(release:"SL6", reference:"libssh2-1.4.2-3.el6_10.1")) flag++;
    if (rpm_check(release:"SL6", reference:"libssh2-debuginfo-1.4.2-3.el6_10.1")) flag++;
    if (rpm_check(release:"SL6", reference:"libssh2-devel-1.4.2-3.el6_10.1")) flag++;
    if (rpm_check(release:"SL6", reference:"libssh2-docs-1.4.2-3.el6_10.1")) flag++;
    
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2 / libssh2-debuginfo / libssh2-devel / libssh2-docs");
    }
    
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1943.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127630
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127630
    titleRHEL 7 : libssh2 (RHSA-2019:1943)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were  
    # extracted from Red Hat Security Advisory RHSA-2019:1943. The text 
    # itself is copyright (C) Red Hat, Inc.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127630);
      script_version("1.5");
      script_cvs_date("Date: 2020/01/06");
    
      script_cve_id("CVE-2019-3855", "CVE-2019-3856", "CVE-2019-3857", "CVE-2019-3863");
      script_xref(name:"RHSA", value:"2019:1943");
    
      script_name(english:"RHEL 7 : libssh2 (RHSA-2019:1943)");
      script_summary(english:"Checks the rpm output for the updated packages");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote Red Hat host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "An update for libssh2 is now available for Red Hat Enterprise Linux
    7.4 Extended Update Support.
    
    Red Hat Product Security has rated this update as having a security
    impact of Important. A Common Vulnerability Scoring System (CVSS) base
    score, which gives a detailed severity rating, is available for each
    vulnerability from the CVE link(s) in the References section.
    
    The libssh2 packages provide a library that implements the SSH2
    protocol.
    
    Security Fix(es) :
    
    * libssh2: Integer overflow in transport read resulting in out of
    bounds write (CVE-2019-3855)
    
    * libssh2: Integer overflow in keyboard interactive handling resulting
    in out of bounds write (CVE-2019-3856)
    
    * libssh2: Integer overflow in SSH packet processing channel resulting
    in out of bounds write (CVE-2019-3857)
    
    * libssh2: Integer overflow in user authenticate keyboard interactive
    allows out-of-bounds writes (CVE-2019-3863)
    
    For more details about the security issue(s), including the impact, a
    CVSS score, acknowledgments, and other related information, refer to
    the CVE page(s) listed in the References section."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/errata/RHSA-2019:1943"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3855"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3856"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3857"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://access.redhat.com/security/cve/cve-2019-3863"
      );
      script_set_attribute(attribute:"solution", value:"Update the affected packages.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:libssh2-docs");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.4");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/30");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"Red Hat Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("misc_func.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/RedHat/release");
    if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
    os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
    os_ver = os_ver[1];
    if (! preg(pattern:"^7\.4([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.4", "Red Hat " + os_ver);
    
    if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);
    
    yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
    if (!empty_or_null(yum_updateinfo)) 
    {
      rhsa = "RHSA-2019:1943";
      yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
      if (!empty_or_null(yum_report))
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : yum_report 
        );
        exit(0);
      }
      else
      {
        audit_message = "affected by Red Hat security advisory " + rhsa;
        audit(AUDIT_OS_NOT, audit_message);
      }
    }
    else
    {
      flag = 0;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-1.4.3-11.el7_4.1")) flag++;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-debuginfo-1.4.3-11.el7_4.1")) flag++;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-devel-1.4.3-11.el7_4.1")) flag++;
      if (rpm_check(release:"RHEL7", sp:"4", reference:"libssh2-docs-1.4.3-11.el7_4.1")) flag++;
    
      if (flag)
      {
        security_report_v4(
          port       : 0,
          severity   : SECURITY_HOLE,
          extra      : rpm_report_get() + redhat_report_package_caveat()
        );
        exit(0);
      }
      else
      {
        tested = pkg_tests_get();
        if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
        else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2 / libssh2-debuginfo / libssh2-devel / libssh2-docs");
      }
    }
    
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0179_LIBSSH2.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.06, has libssh2 packages installed that are affected by multiple vulnerabilities: - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. (CVE-2019-3863) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id128705
    published2019-09-11
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/128705
    titleNewStart CGSL MAIN 4.06 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0179)
    code
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from ZTE advisory NS-SA-2019-0179. The text
    # itself is copyright (C) ZTE, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(128705);
      script_version("1.3");
      script_cvs_date("Date: 2019/10/17 14:31:05");
    
      script_cve_id(
        "CVE-2019-3855",
        "CVE-2019-3856",
        "CVE-2019-3857",
        "CVE-2019-3863"
      );
      script_bugtraq_id(107485);
    
      script_name(english:"NewStart CGSL MAIN 4.06 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0179)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote machine is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The remote NewStart CGSL host, running version MAIN 4.06, has libssh2 packages installed that are affected by multiple
    vulnerabilities:
    
      - An integer overflow flaw which could lead to an out of
        bounds write was discovered in libssh2 before 1.8.1 in
        the way packets are read from the server. A remote
        attacker who compromises a SSH server may be able to
        execute code on the client system when a user connects
        to the server. (CVE-2019-3855)
    
      - An integer overflow flaw, which could lead to an out of
        bounds write, was discovered in libssh2 before 1.8.1 in
        the way keyboard prompt requests are parsed. A remote
        attacker who compromises a SSH server may be able to
        execute code on the client system when a user connects
        to the server. (CVE-2019-3856)
    
      - An integer overflow flaw which could lead to an out of
        bounds write was discovered in libssh2 before 1.8.1 in
        the way SSH_MSG_CHANNEL_REQUEST packets with an exit
        signal are parsed. A remote attacker who compromises a
        SSH server may be able to execute code on the client
        system when a user connects to the server.
        (CVE-2019-3857)
    
      - A flaw was found in libssh2 before 1.8.1. A server could
        send a multiple keyboard interactive response messages
        whose total length are greater than unsigned char max
        characters. This value is used as an index to copy
        memory causing in an out of bounds memory write error.
        (CVE-2019-3863)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0179");
      script_set_attribute(attribute:"solution", value:
    "Upgrade the vulnerable CGSL libssh2 packages. Note that updated packages may not be available yet. Please contact ZTE
    for more information.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-3855");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2019/03/21");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/08/29");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/09/11");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"NewStart CGSL Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/ZTE-CGSL/release");
    if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");
    
    if (release !~ "CGSL MAIN 4.06")
      audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 4.06');
    
    if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);
    
    flag = 0;
    
    pkgs = {
      "CGSL MAIN 4.06": [
        "libssh2-1.4.2-3.el6_10.1",
        "libssh2-debuginfo-1.4.2-3.el6_10.1",
        "libssh2-devel-1.4.2-3.el6_10.1",
        "libssh2-docs-1.4.2-3.el6_10.1"
      ]
    };
    pkg_list = pkgs[release];
    
    foreach (pkg in pkg_list)
      if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_HOLE,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "libssh2");
    }
    
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1309.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3861) - An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124436
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124436
    titleEulerOS 2.0 SP3 : libssh2 (EulerOS-SA-2019-1309)
  • NASL familyFreeBSD Local Security Checks
    NASL idFREEBSD_PKG_6E58E1E92636413E9F844C0E21143628.NASL
    descriptionlibssh2 developers report : - Defend against possible integer overflows in comp_method_zlib_decomp. - Defend against writing beyond the end of the payload in _libssh2_transport_read(). - Sanitize padding_length - _libssh2_transport_read(). - This prevents an underflow resulting in a potential out-of-bounds read if a server sends a too-large padding_length, possibly with malicious intent. - Prevent zero-byte allocation in sftp_packet_read() which could lead to an out-of-bounds read. - Check the length of data passed to sftp_packet_add() to prevent out-of-bounds reads. - Add a required_size parameter to sftp_packet_require et. al. to require callers of these functions to handle packets that are too short. - Additional length checks to prevent out-of-bounds reads and writes in _libssh2_packet_add().
    last seen2020-06-01
    modified2020-06-02
    plugin id124182
    published2019-04-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124182
    titleFreeBSD : libssh2 -- multiple issues (6e58e1e9-2636-413e-9f84-4c0e21143628)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1308.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3861) - An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124435
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124435
    titleEulerOS 2.0 SP2 : libssh2 (EulerOS-SA-2019-1308)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-0679.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id123560
    published2019-04-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123560
    titleCentOS 7 : libssh2 (CESA-2019:0679)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1075.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed: &#9; - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). - CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). - CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). - CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). - CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). - CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). - CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). - CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). Other issue addressed : - Libbssh2 will stop using keys unsupported types in the known_hosts file (bsc#1091236). This update was imported from the SUSE:SLE-12:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123494
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123494
    titleopenSUSE Security Update : libssh2_org (openSUSE-2019-1075)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1175.NASL
    descriptionFrom Red Hat Security Advisory 2019:1175 : An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-06-01
    modified2020-06-02
    plugin id127584
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127584
    titleOracle Linux 8 : virt:rhel (ELSA-2019-1175) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-13982-1.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). CVE-2019-3863: Fixed an Integer overflow in user authenicate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122971
    published2019-03-20
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122971
    titleSUSE SLES11 Security Update : libssh2_org (SUSE-SU-2019:13982-1)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0169_LIBSSH2.NASL
    descriptionThe remote NewStart CGSL host, running version MAIN 4.05, has libssh2 packages installed that are affected by multiple vulnerabilities: - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. (CVE-2019-3863) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127458
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127458
    titleNewStart CGSL MAIN 4.05 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0169)
  • NASL familyAmazon Linux Local Security Checks
    NASL idAL2_ALAS-2019-1199.NASL
    descriptionAn integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) A vulnerability was found in in libssh2 where a server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857)
    last seen2020-06-01
    modified2020-06-02
    plugin id124305
    published2019-04-26
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124305
    titleAmazon Linux 2 : libssh2 (ALAS-2019-1199)
  • NASL familyPhotonOS Local Security Checks
    NASL idPHOTONOS_PHSA-2019-3_0-0009_LIBSSH2.NASL
    descriptionAn update of the libssh2 package has been released.
    last seen2020-06-01
    modified2020-06-02
    plugin id126377
    published2019-07-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126377
    titlePhoton OS 3.0: Libssh2 PHSA-2019-3.0-0009
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-2399.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support, Red Hat Enterprise Linux 7.3 Telco Extended Update Support, and Red Hat Enterprise Linux 7.3 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id127716
    published2019-08-12
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127716
    titleRHEL 7 : libssh2 (RHSA-2019:2399)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-3348CB4934.NASL
    descriptionThis update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123760
    published2019-04-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123760
    titleFedora 28 : libssh2 (2019-3348cb4934)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1310.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out of bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3861) - An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-06
    modified2019-05-01
    plugin id124437
    published2019-05-01
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124437
    titleEulerOS 2.0 SP5 : libssh2 (EulerOS-SA-2019-1310)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4431.NASL
    descriptionChris Coulson discovered several vulnerabilities in libssh2, a SSH2 client-side library, which could result in denial of service, information leaks or the execution of arbitrary code.
    last seen2020-06-01
    modified2020-06-02
    plugin id124039
    published2019-04-15
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124039
    titleDebian DSA-4431-1 : libssh2 - security update
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1393.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters.(CVE-2016-0787) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124896
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124896
    titleEulerOS Virtualization for ARM 64 3.0.1.0 : libssh2 (EulerOS-SA-2019-1393)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1429.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A type confusion issue was found in the way libssh2 generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters.(CVE-2016-0787) - A flaw was found in the way the kex_agree_methods() function of libssh2 performed a key exchange when negotiating a new SSH session. A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting libssh2 client.(CVE-2015-1782) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3862) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3858) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3859) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3860) - An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.(CVE-2019-3861) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124932
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124932
    titleEulerOS Virtualization 3.0.1.0 : libssh2 (EulerOS-SA-2019-1429)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2019-1109.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed:&#9; - CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). - CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). - CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). - CVE-2019-3863: Fixed an Integer overflow in user authenicate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). - CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). - CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). - CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). - CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). - CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). This update was imported from the SUSE:SLE-15:Update update project.
    last seen2020-06-01
    modified2020-06-02
    plugin id123656
    published2019-04-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123656
    titleopenSUSE Security Update : libssh2_org (openSUSE-2019-1109)
  • NASL familyScientific Linux Local Security Checks
    NASL idSL_20190328_LIBSSH2_ON_SL7_X.NASL
    descriptionSecurity Fix(es) : - libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) - libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) - libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) - libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863)
    last seen2020-03-18
    modified2019-03-29
    plugin id123489
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123489
    titleScientific Linux Security Update : libssh2 on SL7.x x86_64 (20190328)
  • NASL familySlackware Local Security Checks
    NASL idSLACKWARE_SSA_2019-077-01.NASL
    descriptionNew libssh2 packages are available for Slackware 14.2 and -current to fix security issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122940
    published2019-03-19
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122940
    titleSlackware 14.2 / current : libssh2 (SSA:2019-077-01)
  • NASL familyVirtuozzo Local Security Checks
    NASL idVIRTUOZZO_VZLSA-2019-1652.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Note that Tenable Network Security has attempted to extract the preceding description block directly from the corresponding Red Hat security advisory. Virtuozzo provides no description for VZLSA advisories. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id126505
    published2019-07-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126505
    titleVirtuozzo 6 : libssh2 / libssh2-devel / libssh2-docs (VZLSA-2019-1652)
  • NASL familyCentOS Local Security Checks
    NASL idCENTOS_RHSA-2019-1652.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126480
    published2019-07-05
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126480
    titleCentOS 6 : libssh2 (CESA-2019:1652)
  • NASL familyAmazon Linux Local Security Checks
    NASL idALA_ALAS-2019-1254.NASL
    descriptionAn integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863)
    last seen2020-06-01
    modified2020-06-02
    plugin id127810
    published2019-08-13
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127810
    titleAmazon Linux AMI : libssh2 (ALAS-2019-1254)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2019-0655-1.NASL
    descriptionThis update for libssh2_org fixes the following issues : Security issues fixed : CVE-2019-3861: Fixed Out-of-bounds reads with specially crafted SSH packets (bsc#1128490). CVE-2019-3862: Fixed Out-of-bounds memory comparison with specially crafted message channel request packet (bsc#1128492). CVE-2019-3860: Fixed Out-of-bounds reads with specially crafted SFTP packets (bsc#1128481). CVE-2019-3863: Fixed an Integer overflow in user authenticate keyboard interactive which could allow out-of-bounds writes with specially crafted keyboard responses (bsc#1128493). CVE-2019-3856: Fixed a potential Integer overflow in keyboard interactive handling which could allow out-of-bounds write with specially crafted payload (bsc#1128472). CVE-2019-3859: Fixed Out-of-bounds reads with specially crafted payloads due to unchecked use of _libssh2_packet_require and _libssh2_packet_requirev (bsc#1128480). CVE-2019-3855: Fixed a potential Integer overflow in transport read which could allow out-of-bounds write with specially crafted payload (bsc#1128471). CVE-2019-3858: Fixed a potential zero-byte allocation which could lead to an out-of-bounds read with a specially crafted SFTP packet (bsc#1128476). CVE-2019-3857: Fixed a potential Integer overflow which could lead to zero-byte allocation and out-of-bounds with specially crafted message channel request SSH packet (bsc#1128474). Other issue addressed: Libbssh2 will stop using keys unsupported types in the known_hosts file (bsc#1091236). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id122997
    published2019-03-21
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/122997
    titleSUSE SLED12 / SLES12 Security Update : libssh2_org (SUSE-SU-2019:0655-1)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-1652.NASL
    descriptionFrom Red Hat Security Advisory 2019:1652 : An update for libssh2 is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126451
    published2019-07-03
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126451
    titleOracle Linux 6 : libssh2 (ELSA-2019-1652)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1175.NASL
    descriptionAn update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Security Fix(es) : * A flaw was found in the implementation of the
    last seen2020-05-23
    modified2019-05-14
    plugin id125041
    published2019-05-14
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/125041
    titleRHEL 8 : virt:rhel (RHSA-2019:1175) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-1791.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id126759
    published2019-07-17
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/126759
    titleRHEL 7 : libssh2 (RHSA-2019:1791)
  • NASL familyOracle Linux Local Security Checks
    NASL idORACLELINUX_ELSA-2019-0679.NASL
    descriptionFrom Red Hat Security Advisory 2019:0679 : An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id123483
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123483
    titleOracle Linux 7 : libssh2 (ELSA-2019-0679)
  • NASL familyNewStart CGSL Local Security Checks
    NASL idNEWSTART_CGSL_NS-SA-2019-0073_LIBSSH2.NASL
    descriptionThe remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libssh2 packages installed that are affected by multiple vulnerabilities: - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. (CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error. (CVE-2019-3863) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-01
    modified2020-06-02
    plugin id127279
    published2019-08-12
    reporterThis script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/127279
    titleNewStart CGSL CORE 5.04 / MAIN 5.04 : libssh2 Multiple Vulnerabilities (NS-SA-2019-0073)
  • NASL familyHuawei Local Security Checks
    NASL idEULEROS_SA-2019-1362.NASL
    descriptionAccording to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3855) - An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3856) - An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.(CVE-2019-3857) - A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.(CVE-2019-3863) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124740
    published2019-05-10
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124740
    titleEulerOS Virtualization 2.5.3 : libssh2 (EulerOS-SA-2019-1362)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-70A9D4F970.NASL
    descriptionThis update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id124503
    published2019-05-02
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/124503
    titleFedora 30 : libssh2 (2019-70a9d4f970)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2019-0679.NASL
    descriptionAn update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The libssh2 packages provide a library that implements the SSH2 protocol. Security Fix(es) : * libssh2: Integer overflow in transport read resulting in out of bounds write (CVE-2019-3855) * libssh2: Integer overflow in keyboard interactive handling resulting in out of bounds write (CVE-2019-3856) * libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write (CVE-2019-3857) * libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes (CVE-2019-3863) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
    last seen2020-06-01
    modified2020-06-02
    plugin id123486
    published2019-03-29
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123486
    titleRHEL 7 : libssh2 (RHSA-2019:0679)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2019-F31C14682F.NASL
    descriptionThis update addresses various overflow conditions that could result in possible memory read/write out of bounds errors or zero byte allocations when connected to a malicious server. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-01
    modified2020-06-02
    plugin id123052
    published2019-03-25
    reporterThis script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/123052
    titleFedora 29 : libssh2 (2019-f31c14682f)

Redhat

advisories
  • bugzilla
    id1687313
    titleCVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 7 is installed
        ovaloval:com.redhat.rhba:tst:20150364027
      • OR
        • AND
          • commentlibssh2-devel is earlier than 0:1.4.3-12.el7_6.2
            ovaloval:com.redhat.rhsa:tst:20190679001
          • commentlibssh2-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140004
        • AND
          • commentlibssh2-docs is earlier than 0:1.4.3-12.el7_6.2
            ovaloval:com.redhat.rhsa:tst:20190679003
          • commentlibssh2-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140002
        • AND
          • commentlibssh2 is earlier than 0:1.4.3-12.el7_6.2
            ovaloval:com.redhat.rhsa:tst:20190679005
          • commentlibssh2 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140006
    rhsa
    idRHSA-2019:0679
    released2019-03-28
    severityImportant
    titleRHSA-2019:0679: libssh2 security update (Important)
  • bugzilla
    id1705312
    titleCVE-2019-11091 hardware: Microarchitectural Data Sampling Uncacheable Memory (MDSUM)
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 8 is installed
        ovaloval:com.redhat.rhba:tst:20193384074
      • commentModule virt:rhel is enabled
        ovaloval:com.redhat.rhsa:tst:20191175217
      • OR
        • AND
          • commentvirt-v2v is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175001
          • commentvirt-v2v is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20111615002
        • AND
          • commentvirt-p2v-maker is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175003
          • commentvirt-p2v-maker is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175004
        • AND
          • commentvirt-dib is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175005
          • commentvirt-dib is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576014
        • AND
          • commentsupermin-devel is earlier than 0:5.1.19-8.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175007
          • commentsupermin-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175008
        • AND
          • commentsupermin-debugsource is earlier than 0:5.1.19-8.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175009
          • commentsupermin-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175010
        • AND
          • commentsupermin is earlier than 0:5.1.19-8.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175011
          • commentsupermin is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175012
        • AND
          • commentsgabios is earlier than 1:0.20170427git-2.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175013
          • commentsgabios is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175014
        • AND
          • commentseabios is earlier than 0:1.11.1-3.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175015
          • commentseabios is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175016
        • AND
          • commentruby-libguestfs is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175017
          • commentruby-libguestfs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586012
        • AND
          • commentruby-hivex is earlier than 0:1.3.15-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175019
          • commentruby-hivex is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150301006
        • AND
          • commentqemu-kvm-debugsource is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175021
          • commentqemu-kvm-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175022
        • AND
          • commentqemu-kvm-core is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175023
          • commentqemu-kvm-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175024
        • AND
          • commentqemu-kvm-common is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175025
          • commentqemu-kvm-common is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140704004
        • AND
          • commentqemu-kvm-block-ssh is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175027
          • commentqemu-kvm-block-ssh is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175028
        • AND
          • commentqemu-kvm-block-rbd is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175029
          • commentqemu-kvm-block-rbd is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175030
        • AND
          • commentqemu-kvm-block-iscsi is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175031
          • commentqemu-kvm-block-iscsi is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175032
        • AND
          • commentqemu-kvm-block-gluster is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175033
          • commentqemu-kvm-block-gluster is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175034
        • AND
          • commentqemu-kvm-block-curl is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175035
          • commentqemu-kvm-block-curl is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175036
        • AND
          • commentqemu-kvm is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175037
          • commentqemu-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110345004
        • AND
          • commentqemu-img is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175039
          • commentqemu-img is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110345006
        • AND
          • commentqemu-guest-agent is earlier than 15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
            ovaloval:com.redhat.rhsa:tst:20191175041
          • commentqemu-guest-agent is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20121234002
        • AND
          • commentpython3-libvirt is earlier than 0:4.5.0-1.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175043
          • commentpython3-libvirt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175044
        • AND
          • commentpython3-libguestfs is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175045
          • commentpython3-libguestfs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175046
        • AND
          • commentpython3-hivex is earlier than 0:1.3.15-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175047
          • commentpython3-hivex is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175048
        • AND
          • commentperl-hivex is earlier than 0:1.3.15-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175049
          • commentperl-hivex is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150301002
        • AND
          • commentperl-Sys-Virt-debugsource is earlier than 0:4.5.0-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175051
          • commentperl-Sys-Virt-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175052
        • AND
          • commentperl-Sys-Virt is earlier than 0:4.5.0-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175053
          • commentperl-Sys-Virt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175054
        • AND
          • commentperl-Sys-Guestfs is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175055
          • commentperl-Sys-Guestfs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586016
        • AND
          • commentnetcf-libs is earlier than 0:0.2.8-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175057
          • commentnetcf-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20151307002
        • AND
          • commentnetcf-devel is earlier than 0:0.2.8-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175059
          • commentnetcf-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20151307004
        • AND
          • commentnetcf-debugsource is earlier than 0:0.2.8-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175061
          • commentnetcf-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175062
        • AND
          • commentnetcf is earlier than 0:0.2.8-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175063
          • commentnetcf is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20151307006
        • AND
          • commentnbdkit-plugin-xz is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175065
          • commentnbdkit-plugin-xz is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175066
        • AND
          • commentnbdkit-plugin-vddk is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175067
          • commentnbdkit-plugin-vddk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175068
        • AND
          • commentnbdkit-plugin-python3 is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175069
          • commentnbdkit-plugin-python3 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175070
        • AND
          • commentnbdkit-plugin-python-common is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175071
          • commentnbdkit-plugin-python-common is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175072
        • AND
          • commentnbdkit-plugin-gzip is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175073
          • commentnbdkit-plugin-gzip is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175074
        • AND
          • commentnbdkit-example-plugins is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175075
          • commentnbdkit-example-plugins is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175076
        • AND
          • commentnbdkit-devel is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175077
          • commentnbdkit-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175078
        • AND
          • commentnbdkit-debugsource is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175079
          • commentnbdkit-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175080
        • AND
          • commentnbdkit-basic-plugins is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175081
          • commentnbdkit-basic-plugins is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175082
        • AND
          • commentnbdkit is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175083
          • commentnbdkit is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175084
        • AND
          • commentlua-guestfs is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175085
          • commentlua-guestfs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576024
        • AND
          • commentlibvirt-nss is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175087
          • commentlibvirt-nss is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162577036
        • AND
          • commentlibvirt-lock-sanlock is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175089
          • commentlibvirt-lock-sanlock is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20131581002
        • AND
          • commentlibvirt-libs is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175091
          • commentlibvirt-libs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029018
        • AND
          • commentlibvirt-docs is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175093
          • commentlibvirt-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914028
        • AND
          • commentlibvirt-devel is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175095
          • commentlibvirt-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20131581004
        • AND
          • commentlibvirt-debugsource is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175097
          • commentlibvirt-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175098
        • AND
          • commentlibvirt-dbus-debugsource is earlier than 0:1.2.0-2.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175099
          • commentlibvirt-dbus-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175100
        • AND
          • commentlibvirt-dbus is earlier than 0:1.2.0-2.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175101
          • commentlibvirt-dbus is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175102
        • AND
          • commentlibvirt-daemon-kvm is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175103
          • commentlibvirt-daemon-kvm is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914022
        • AND
          • commentlibvirt-daemon-driver-storage-scsi is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175105
          • commentlibvirt-daemon-driver-storage-scsi is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029028
        • AND
          • commentlibvirt-daemon-driver-storage-rbd is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175107
          • commentlibvirt-daemon-driver-storage-rbd is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029040
        • AND
          • commentlibvirt-daemon-driver-storage-mpath is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175109
          • commentlibvirt-daemon-driver-storage-mpath is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029026
        • AND
          • commentlibvirt-daemon-driver-storage-logical is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175111
          • commentlibvirt-daemon-driver-storage-logical is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029020
        • AND
          • commentlibvirt-daemon-driver-storage-iscsi is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175113
          • commentlibvirt-daemon-driver-storage-iscsi is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029014
        • AND
          • commentlibvirt-daemon-driver-storage-gluster is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175115
          • commentlibvirt-daemon-driver-storage-gluster is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029048
        • AND
          • commentlibvirt-daemon-driver-storage-disk is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175117
          • commentlibvirt-daemon-driver-storage-disk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029008
        • AND
          • commentlibvirt-daemon-driver-storage-core is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175119
          • commentlibvirt-daemon-driver-storage-core is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029010
        • AND
          • commentlibvirt-daemon-driver-storage is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175121
          • commentlibvirt-daemon-driver-storage is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914040
        • AND
          • commentlibvirt-daemon-driver-secret is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175123
          • commentlibvirt-daemon-driver-secret is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914024
        • AND
          • commentlibvirt-daemon-driver-qemu is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175125
          • commentlibvirt-daemon-driver-qemu is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914016
        • AND
          • commentlibvirt-daemon-driver-nwfilter is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175127
          • commentlibvirt-daemon-driver-nwfilter is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914002
        • AND
          • commentlibvirt-daemon-driver-nodedev is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175129
          • commentlibvirt-daemon-driver-nodedev is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914006
        • AND
          • commentlibvirt-daemon-driver-network is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175131
          • commentlibvirt-daemon-driver-network is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914010
        • AND
          • commentlibvirt-daemon-driver-interface is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175133
          • commentlibvirt-daemon-driver-interface is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914012
        • AND
          • commentlibvirt-daemon-config-nwfilter is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175135
          • commentlibvirt-daemon-config-nwfilter is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914020
        • AND
          • commentlibvirt-daemon-config-network is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175137
          • commentlibvirt-daemon-config-network is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914026
        • AND
          • commentlibvirt-daemon is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175139
          • commentlibvirt-daemon is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20140914008
        • AND
          • commentlibvirt-client is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175141
          • commentlibvirt-client is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20131581008
        • AND
          • commentlibvirt-bash-completion is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175143
          • commentlibvirt-bash-completion is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20183113026
        • AND
          • commentlibvirt-admin is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175145
          • commentlibvirt-admin is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20180029056
        • AND
          • commentlibvirt is earlier than 0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
            ovaloval:com.redhat.rhsa:tst:20191175147
          • commentlibvirt is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhba:tst:20131581010
        • AND
          • commentlibssh2-debugsource is earlier than 0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
            ovaloval:com.redhat.rhsa:tst:20191175149
          • commentlibssh2-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175150
        • AND
          • commentlibssh2 is earlier than 0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
            ovaloval:com.redhat.rhsa:tst:20191175151
          • commentlibssh2 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140006
        • AND
          • commentlibiscsi-utils is earlier than 0:1.18.0-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175153
          • commentlibiscsi-utils is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175154
        • AND
          • commentlibiscsi-devel is earlier than 0:1.18.0-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175155
          • commentlibiscsi-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175156
        • AND
          • commentlibiscsi-debugsource is earlier than 0:1.18.0-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175157
          • commentlibiscsi-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175158
        • AND
          • commentlibiscsi is earlier than 0:1.18.0-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175159
          • commentlibiscsi is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175160
        • AND
          • commentlibguestfs-xfs is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175161
          • commentlibguestfs-xfs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576046
        • AND
          • commentlibguestfs-winsupport is earlier than 0:8.0-2.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175163
          • commentlibguestfs-winsupport is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175164
        • AND
          • commentlibguestfs-tools-c is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175165
          • commentlibguestfs-tools-c is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586024
        • AND
          • commentlibguestfs-rsync is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175167
          • commentlibguestfs-rsync is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576036
        • AND
          • commentlibguestfs-rescue is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175169
          • commentlibguestfs-rescue is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576018
        • AND
          • commentlibguestfs-java-devel is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175171
          • commentlibguestfs-java-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586014
        • AND
          • commentlibguestfs-java is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175173
          • commentlibguestfs-java is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586022
        • AND
          • commentlibguestfs-gobject-devel is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175175
          • commentlibguestfs-gobject-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576034
        • AND
          • commentlibguestfs-gobject is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175177
          • commentlibguestfs-gobject is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576020
        • AND
          • commentlibguestfs-gfs2 is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175179
          • commentlibguestfs-gfs2 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576026
        • AND
          • commentlibguestfs-devel is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175181
          • commentlibguestfs-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586002
        • AND
          • commentlibguestfs-debugsource is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175183
          • commentlibguestfs-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175184
        • AND
          • commentlibguestfs is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175185
          • commentlibguestfs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586028
        • AND
          • commenthivex-devel is earlier than 0:1.3.15-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175187
          • commenthivex-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150301010
        • AND
          • commenthivex-debugsource is earlier than 0:1.3.15-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175189
          • commenthivex-debugsource is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175190
        • AND
          • commenthivex is earlier than 0:1.3.15-6.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175191
          • commenthivex is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20150301004
        • AND
          • commentlibguestfs-benchmarking is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175193
          • commentlibguestfs-benchmarking is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175194
        • AND
          • commentsgabios-bin is earlier than 1:0.20170427git-2.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175195
          • commentsgabios-bin is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175196
        • AND
          • commentseavgabios-bin is earlier than 0:1.11.1-3.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175197
          • commentseavgabios-bin is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175198
        • AND
          • commentseabios-bin is earlier than 0:1.11.1-3.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175199
          • commentseabios-bin is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175200
        • AND
          • commentSLOF is earlier than 0:20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175201
          • commentSLOF is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175202
        • AND
          • commentnbdkit-bash-completion is earlier than 0:1.4.2-4.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175203
          • commentnbdkit-bash-completion is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20191175204
        • AND
          • commentlibguestfs-tools is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175205
          • commentlibguestfs-tools is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586018
        • AND
          • commentlibguestfs-man-pages-uk is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175207
          • commentlibguestfs-man-pages-uk is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576010
        • AND
          • commentlibguestfs-man-pages-ja is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175209
          • commentlibguestfs-man-pages-ja is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576006
        • AND
          • commentlibguestfs-javadoc is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175211
          • commentlibguestfs-javadoc is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20110586010
        • AND
          • commentlibguestfs-inspect-icons is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175213
          • commentlibguestfs-inspect-icons is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576038
        • AND
          • commentlibguestfs-bash-completion is earlier than 1:1.38.4-10.module+el8.0.0+3075+09be6b65
            ovaloval:com.redhat.rhsa:tst:20191175215
          • commentlibguestfs-bash-completion is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20162576004
    rhsa
    idRHSA-2019:1175
    released2019-05-14
    severityImportant
    titleRHSA-2019:1175: virt:rhel security update (Important)
  • bugzilla
    id1687313
    titleCVE-2019-3863 libssh2: Integer overflow in user authenticate keyboard interactive allows out-of-bounds writes
    oval
    OR
    • commentRed Hat Enterprise Linux must be installed
      ovaloval:com.redhat.rhba:tst:20070304026
    • AND
      • commentRed Hat Enterprise Linux 6 is installed
        ovaloval:com.redhat.rhba:tst:20111656003
      • OR
        • AND
          • commentlibssh2-docs is earlier than 0:1.4.2-3.el6_10.1
            ovaloval:com.redhat.rhsa:tst:20191652001
          • commentlibssh2-docs is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140002
        • AND
          • commentlibssh2-devel is earlier than 0:1.4.2-3.el6_10.1
            ovaloval:com.redhat.rhsa:tst:20191652003
          • commentlibssh2-devel is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140004
        • AND
          • commentlibssh2 is earlier than 0:1.4.2-3.el6_10.1
            ovaloval:com.redhat.rhsa:tst:20191652005
          • commentlibssh2 is signed with Red Hat redhatrelease2 key
            ovaloval:com.redhat.rhsa:tst:20152140006
    rhsa
    idRHSA-2019:1652
    released2019-07-02
    severityImportant
    titleRHSA-2019:1652: libssh2 security update (Important)
  • rhsa
    idRHSA-2019:1791
  • rhsa
    idRHSA-2019:1943
  • rhsa
    idRHSA-2019:2399
rpms
  • libssh2-0:1.4.3-12.el7_6.2
  • libssh2-debuginfo-0:1.4.3-12.el7_6.2
  • libssh2-devel-0:1.4.3-12.el7_6.2
  • libssh2-docs-0:1.4.3-12.el7_6.2
  • SLOF-0:20171214-5.gitfa98132.module+el8.0.0+3075+09be6b65
  • hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-debugsource-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • hivex-devel-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-bash-completion-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-benchmarking-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-benchmarking-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-debugsource-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gfs2-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-gobject-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-inspect-icons-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-java-devel-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-javadoc-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-man-pages-ja-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-man-pages-uk-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-rescue-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-rsync-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-c-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-tools-c-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libguestfs-winsupport-0:8.0-2.module+el8.0.0+3075+09be6b65
  • libguestfs-xfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libiscsi-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-debuginfo-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-debugsource-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-devel-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-utils-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libiscsi-utils-debuginfo-0:1.18.0-6.module+el8.0.0+3075+09be6b65
  • libssh2-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libssh2-debuginfo-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libssh2-debugsource-0:1.8.0-7.module+el8.0.0+3075+09be6b65.1
  • libvirt-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-admin-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-admin-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-bash-completion-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-client-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-client-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-config-network-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-config-nwfilter-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-interface-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-interface-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-network-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-network-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nodedev-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nodedev-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nwfilter-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-nwfilter-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-qemu-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-qemu-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-secret-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-secret-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-core-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-core-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-disk-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-disk-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-gluster-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-gluster-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-iscsi-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-iscsi-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-logical-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-logical-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-mpath-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-mpath-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-rbd-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-rbd-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-scsi-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-driver-storage-scsi-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-daemon-kvm-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-dbus-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-dbus-debuginfo-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-dbus-debugsource-0:1.2.0-2.module+el8.0.0+3075+09be6b65
  • libvirt-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-debugsource-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-devel-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-docs-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-libs-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-libs-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-lock-sanlock-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-lock-sanlock-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-nss-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • libvirt-nss-debuginfo-0:4.5.0-23.1.module+el8.0.0+3151+3ba813f9
  • lua-guestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • lua-guestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • nbdkit-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-bash-completion-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-basic-plugins-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-basic-plugins-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-debugsource-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-devel-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-example-plugins-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-example-plugins-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-gzip-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-gzip-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python-common-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python3-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-python3-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-vddk-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-vddk-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-xz-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • nbdkit-plugin-xz-debuginfo-0:1.4.2-4.module+el8.0.0+3075+09be6b65
  • netcf-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-debuginfo-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-debugsource-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-devel-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-libs-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • netcf-libs-debuginfo-0:0.2.8-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Guestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Guestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-debuginfo-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-Sys-Virt-debugsource-0:4.5.0-4.module+el8.0.0+3075+09be6b65
  • perl-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • perl-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • python3-libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • python3-libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • python3-libvirt-0:4.5.0-1.module+el8.0.0+3075+09be6b65
  • python3-libvirt-debuginfo-0:4.5.0-1.module+el8.0.0+3075+09be6b65
  • qemu-guest-agent-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-guest-agent-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-img-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-img-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-curl-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-curl-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-gluster-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-gluster-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-iscsi-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-iscsi-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-rbd-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-rbd-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-ssh-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-block-ssh-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-common-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-common-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-core-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-core-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-debuginfo-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • qemu-kvm-debugsource-15:2.12.0-64.module+el8.0.0+3180+d6a3561d.2
  • ruby-hivex-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • ruby-hivex-debuginfo-0:1.3.15-6.module+el8.0.0+3075+09be6b65
  • ruby-libguestfs-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • ruby-libguestfs-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • seabios-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • seabios-bin-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • seavgabios-bin-0:1.11.1-3.module+el8.0.0+3075+09be6b65
  • sgabios-1:0.20170427git-2.module+el8.0.0+3075+09be6b65
  • sgabios-bin-1:0.20170427git-2.module+el8.0.0+3075+09be6b65
  • supermin-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-debuginfo-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-debugsource-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • supermin-devel-0:5.1.19-8.module+el8.0.0+3075+09be6b65
  • virt-dib-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-dib-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-p2v-maker-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-v2v-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • virt-v2v-debuginfo-1:1.38.4-10.module+el8.0.0+3075+09be6b65
  • libssh2-0:1.4.2-3.el6_10.1
  • libssh2-debuginfo-0:1.4.2-3.el6_10.1
  • libssh2-devel-0:1.4.2-3.el6_10.1
  • libssh2-docs-0:1.4.2-3.el6_10.1
  • libssh2-0:1.4.3-11.el7_5.1
  • libssh2-debuginfo-0:1.4.3-11.el7_5.1
  • libssh2-devel-0:1.4.3-11.el7_5.1
  • libssh2-docs-0:1.4.3-11.el7_5.1
  • libssh2-0:1.4.3-11.el7_4.1
  • libssh2-debuginfo-0:1.4.3-11.el7_4.1
  • libssh2-devel-0:1.4.3-11.el7_4.1
  • libssh2-docs-0:1.4.3-11.el7_4.1
  • libssh2-0:1.4.3-11.el7_3.1
  • libssh2-debuginfo-0:1.4.3-11.el7_3.1
  • libssh2-devel-0:1.4.3-11.el7_3.1
  • libssh2-docs-0:1.4.3-11.el7_3.1

The Hacker News

idTHN:B9050A4E7D2CE55A80B70F1870DE2C24
last seen2019-03-19
modified2019-03-19
published2019-03-19
reporterThe Hacker News
sourcehttps://thehackernews.com/2019/03/libssh2-vulnerabilities.html
titleLibssh Releases Update to Patch 9 New Security Vulnerabilities

References