exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2012-4559

Status Candidate

Overview

Multiple double free vulnerabilities in the (1) agent_sign_data function in agent.c, (2) channel_request function in channels.c, (3) ssh_userauth_pubkey function in auth.c, (4) sftp_parse_attr_3 function in sftp.c, and (5) try_publickey_from_file function in keyfiles.c in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201402-26
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-26 - Multiple vulnerabilities have been found in libssh, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 0.5.3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2012-6063
SHA-256 | 54bc1c3293e955ccb3036adb8153e9f984fd1924bbf3e67b7588d7e7d05af3f8
Mandriva Linux Security Advisory 2013-045
Posted Apr 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-045 - Multiple double free flaws, buffer overflow flaws, invalid free flaws, and improper overflow checks in libssh before 0.5.3 could enable a denial of service attack against libssh clients, or possibly arbitrary code execution. Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2013-0176
SHA-256 | b001afcc00872bffb479840552f9f98c8e4a053611dc49aa61aa6b801599a2cb
Slackware Security Advisory - libssh Updates
Posted Dec 10, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh packages are available for Slackware 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
SHA-256 | 366d107dd5b27da03116193c2e98ec3fa00722b8643f6ff8ea0cec9f8181fd79
Debian Security Advisory 2577-1
Posted Dec 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2577-1 - Multiple vulnerabilities were discovered in libssh by Florian Weimer and Xi Wang.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-4559, CVE-2012-4561, CVE-2012-4562
SHA-256 | dde7f32fc005ea01ee8653f47a7ddcf75c2c044d6524c2c78ec31eef012255c9
Mandriva Linux Security Advisory 2012-175
Posted Nov 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-175 - Multiple double free(), buffer overflow, invalid free() and improper overflow checks vulnerabilities were found and corrected in libssh. The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
SHA-256 | f4e04caa8c30d741390d9960a10adde13e1d0efb016dee25e89ac918fb28044f
Ubuntu Security Notice USN-1640-1
Posted Nov 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1640-1 - Xi Wang and Florian Weimer discovered that libssh incorrectly handled memory. A remote attacker could use this to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
SHA-256 | 49a32b62fb4070d1e8aaa6c34b9e46b28acc5b05eeb6b1a378719f9edcaa254f
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    0 Files
  • 9
    Sep 9th
    0 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    0 Files
  • 13
    Sep 13th
    0 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    0 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close