Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-17498

Опубликовано: 21 окт. 2019
Источник: debian
EPSS Низкий

Описание

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libssh2fixed1.9.0-1package

Примечания

  • https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c

  • https://securitylab.github.com/research/libssh2-integer-overflow-CVE-2019-17498/

  • Backported SUSE patch for versions <= 1.8.0 (including struct string_buf,

  • and the functions _libssh2_check_length(), _libssh2_get_u32() and

  • libssh2_get_string(), forming part of the fix):

  • https://bugzilla.suse.com/attachment.cgi?id=822416

  • Only exploitable with a malicious server

EPSS

Процентиль: 79%
0.01252
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-17498

CVSS3: 8.1
ubuntu
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

redhat логотип

CVE-2019-17498

CVSS3: 6.5
redhat
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

nvd логотип

CVE-2019-17498

CVSS3: 8.1
nvd
почти 6 лет назад

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

msrc логотип

CVE-2019-17498

CVSS3: 8.1
msrc
около 5 лет назад

Описание отсутствует

suse-cvrf логотип

openSUSE-SU-2019:2483-1

suse-cvrf
почти 6 лет назад

Security update for libssh2_org

EPSS

Процентиль: 79%
0.01252
Низкий