Описание
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:gnu:lsh:1.4:*:*:*:*:*:*:*
cpe:2.3:a:gnu:lsh:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:gnu:lsh:1.4.2:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.27289
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 22 года назад
lsh daemon (lshd) does not properly return from certain functions in ( ...
github
больше 3 лет назад
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
EPSS
Процентиль: 96%
0.27289
Средний
7.5 High
CVSS2
Дефекты
NVD-CWE-Other