Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

fstec логотип

BDU:2019-03917

Опубликовано: 03 дек. 2018
Источник: fstec
CVSS3: 8.8
CVSS2: 9.3
EPSS Низкий

Описание

Уязвимость команды SSH_MSG_CHANNEL_REQUEST библиотеки libssh2 связана с записью данных за границами буфера. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код путем подключения к SSH-серверу

Вендор

Red Hat Inc.
ООО «РусБИТех-Астра»
Novell Inc.
Fedora Project
Сообщество свободного программного обеспечения

Наименование ПО

Red Hat Enterprise Linux
Astra Linux Special Edition
OpenSUSE Leap
Fedora
libssh2
Debian GNU/Linux

Версия ПО

Server 6 (Red Hat Enterprise Linux)
Desktop 6 (Red Hat Enterprise Linux)
Workstation 6 (Red Hat Enterprise Linux)
Desktop 7 (Red Hat Enterprise Linux)
Workstation 7 (Red Hat Enterprise Linux)
Server 7 (Red Hat Enterprise Linux)
1.5 «Смоленск» (Astra Linux Special Edition)
42.3 (OpenSUSE Leap)
28 (Fedora)
от 1.2.8 до 1.8.1 (libssh2)
Server TUS 7.6 (Red Hat Enterprise Linux)
Server - AUS 7.6 (Red Hat Enterprise Linux)
15.0 (OpenSUSE Leap)
for Scientific Computing 7 (Red Hat Enterprise Linux)
for Power, little endian - Extended Update Supp 7.5 (Red Hat Enterprise Linux)
for Power, little endian 7 (Red Hat Enterprise Linux)
for Power, big endian - Extended Update Support 7.5 (Red Hat Enterprise Linux)
for IBM z Systems - Extended Update Support 7.5 (Red Hat Enterprise Linux)
for IBM z Systems 7 (Red Hat Enterprise Linux)
for IBM System z (Structure A) 7 (Red Hat Enterprise Linux)
for ARM 64 7 (Red Hat Enterprise Linux)
8 (Debian GNU/Linux)
7.5 Extended Update Support (Red Hat Enterprise Linux)
for Power, big endian 7 (Red Hat Enterprise Linux)
for Power 9.7 (Red Hat Enterprise Linux)
EUS Computer Node 7.6 (Red Hat Enterprise Linux)
for Power, big endian - Extended Update Support 7.6 (Red Hat Enterprise Linux)
for Power, little endian - Extended Update Support 7.6 (Red Hat Enterprise Linux)
for IBM z Systems - Extended Update Support 7.6 (Red Hat Enterprise Linux)
Server TUS 7.3 (Red Hat Enterprise Linux)
Server AUS 7.3 (Red Hat Enterprise Linux)
Server- Update Services for SAP Solutions 7.3 (Red Hat Enterprise Linux)
Server- Update Services for SAP Solutions 7.4 (Red Hat Enterprise Linux)
Server- Update Services for SAP Solutions 7.6 (Red Hat Enterprise Linux)

Тип ПО

Операционная система
Прикладное ПО информационных систем

Операционные системы и аппаратные платформы

Red Hat Inc. Red Hat Enterprise Linux Server 6
Red Hat Inc. Red Hat Enterprise Linux Desktop 6
Red Hat Inc. Red Hat Enterprise Linux Workstation 6
Red Hat Inc. Red Hat Enterprise Linux Desktop 7
Red Hat Inc. Red Hat Enterprise Linux Workstation 7
Red Hat Inc. Red Hat Enterprise Linux Server 7
ООО «РусБИТех-Астра» Astra Linux Special Edition 1.5 «Смоленск»
Novell Inc. OpenSUSE Leap 42.3
Fedora Project Fedora 28
Red Hat Inc. Red Hat Enterprise Linux Server TUS 7.6
Red Hat Inc. Red Hat Enterprise Linux Server - AUS 7.6
Novell Inc. OpenSUSE Leap 15.0
Red Hat Inc. Red Hat Enterprise Linux for Scientific Computing 7
Red Hat Inc. Red Hat Enterprise Linux for Power, little endian - Extended Update Supp 7.5
Red Hat Inc. Red Hat Enterprise Linux for Power, little endian 7
Red Hat Inc. Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.5
Red Hat Inc. Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.5
Red Hat Inc. Red Hat Enterprise Linux for IBM z Systems 7
Red Hat Inc. Red Hat Enterprise Linux for IBM System z (Structure A) 7
Red Hat Inc. Red Hat Enterprise Linux for ARM 64 7
Сообщество свободного программного обеспечения Debian GNU/Linux 8
Red Hat Inc. Red Hat Enterprise Linux 7.5 Extended Update Support
Red Hat Inc. Red Hat Enterprise Linux for Power, big endian 7
Red Hat Inc. Red Hat Enterprise Linux for Power 9.7
Red Hat Inc. Red Hat Enterprise Linux EUS Computer Node 7.6
Red Hat Inc. Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6
Red Hat Inc. Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6
Red Hat Inc. Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6
Red Hat Inc. Red Hat Enterprise Linux Server TUS 7.3
Red Hat Inc. Red Hat Enterprise Linux Server AUS 7.3
Red Hat Inc. Red Hat Enterprise Linux Server- Update Services for SAP Solutions 7.3
Red Hat Inc. Red Hat Enterprise Linux Server- Update Services for SAP Solutions 7.4
Red Hat Inc. Red Hat Enterprise Linux Server- Update Services for SAP Solutions 7.6

Уровень опасности уязвимости

Высокий уровень опасности (базовая оценка CVSS 2.0 составляет 9,3)
Высокий уровень опасности (базовая оценка CVSS 3.0 составляет 8,8)

Возможные меры по устранению уязвимости

Использование рекомендаций:
Для libssh2:
https://www.libssh2.org/CVE-2019-3857.html
Для программных продуктов Novell Inc.:
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
Для программных продуктов Red Hat Inc.:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3857
Для Debian GNU/Linux:
https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
Для программных продуктов Fedora Project:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
Для Astra Linux:
Обновление программного обеспечения (пакета libssh2) до 1.7.0-1+deb9u1 или более поздней версии

Статус уязвимости

Подтверждена производителем

Наличие эксплойта

Данные уточняются

Информация об устранении

Уязвимость устранена

Ссылки на источники

Идентификаторы других систем описаний уязвимостей

EPSS

Процентиль: 89%
0.04685
Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2019-3857

CVSS3: 8.8
ubuntu
около 6 лет назад

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

redhat логотип

CVE-2019-3857

CVSS3: 7.5
redhat
больше 6 лет назад

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

nvd логотип

CVE-2019-3857

CVSS3: 8.8
nvd
около 6 лет назад

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

debian логотип

CVE-2019-3857

CVSS3: 8.8
debian
около 6 лет назад

An integer overflow flaw which could lead to an out of bounds write wa ...

github логотип

GHSA-mq4f-qjqv-2ff5

CVSS3: 8.8
github
около 3 лет назад

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

EPSS

Процентиль: 89%
0.04685
Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Уязвимость BDU:2019-03917