Описание
[Denial of Service via improper configuration file handling]
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 0.11.3-1ubuntu1 |
| esm-infra/bionic | released | 0.8.0~20170825.94fa1e38-1ubuntu0.7+esm6 |
| esm-infra/focal | released | 0.9.3-2ubuntu2.5+esm3 |
| esm-infra/xenial | released | 0.6.3-4.3ubuntu0.6+esm4 |
| jammy | released | 0.9.6-2ubuntu0.22.04.6 |
| noble | released | 0.10.6-2ubuntu0.3 |
| questing | released | 0.11.2-1ubuntu0.2 |
| upstream | released | 0.11.4 |
Показывать по
EPSS
Связанные уязвимости
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.
A flaw was found in libssh where it can attempt to open arbitrary files during configuration parsing. A local attacker can exploit this by providing a malicious configuration file or when the system is misconfigured. This vulnerability could lead to a Denial of Service (DoS) by causing the system to try and access dangerous files, such as block devices or large system files, which can disrupt normal operations.
EPSS