seeing is believing
Showing 1 - 6 of 6 RSS Feed

CVE-2012-4561

Status Candidate

Overview

The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201402-26
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-26 - Multiple vulnerabilities have been found in libssh, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 0.5.3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2012-6063
MD5 | 004bf2595c8077fa2e0b2ca02e5bb59f
Mandriva Linux Security Advisory 2013-045
Posted Apr 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-045 - Multiple double free flaws, buffer overflow flaws, invalid free flaws, and improper overflow checks in libssh before 0.5.3 could enable a denial of service attack against libssh clients, or possibly arbitrary code execution. Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2013-0176
MD5 | 323add9179f17726606ebc2c6d1ab445
Slackware Security Advisory - libssh Updates
Posted Dec 10, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh packages are available for Slackware 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
MD5 | f6e2393d9ae6a6cbfd1072dec1ed4792
Debian Security Advisory 2577-1
Posted Dec 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2577-1 - Multiple vulnerabilities were discovered in libssh by Florian Weimer and Xi Wang.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-4559, CVE-2012-4561, CVE-2012-4562
MD5 | 30a0b04ea7ab07372d9910d9e8dfe119
Mandriva Linux Security Advisory 2012-175
Posted Nov 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-175 - Multiple double free(), buffer overflow, invalid free() and improper overflow checks vulnerabilities were found and corrected in libssh. The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
MD5 | 747a1a179e5e7611b3eaf978db71cf20
Ubuntu Security Notice USN-1640-1
Posted Nov 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1640-1 - Xi Wang and Florian Weimer discovered that libssh incorrectly handled memory. A remote attacker could use this to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
MD5 | 3a7f6d5acc0e680f06e55adfafdf5f04
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    2 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close