Exploit the possiblities
Showing 1 - 6 of 6 RSS Feed

CVE-2012-4561

Status Candidate

Overview

The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.

Related Files

Gentoo Linux Security Advisory 201402-26
Posted Feb 22, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201402-26 - Multiple vulnerabilities have been found in libssh, allowing attackers to execute arbitrary code or cause Denial of Service. Versions less than 0.5.3 are affected.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2012-6063
MD5 | 004bf2595c8077fa2e0b2ca02e5bb59f
Mandriva Linux Security Advisory 2013-045
Posted Apr 5, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-045 - Multiple double free flaws, buffer overflow flaws, invalid free flaws, and improper overflow checks in libssh before 0.5.3 could enable a denial of service attack against libssh clients, or possibly arbitrary code execution. Yong Chuan Koh discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, code execution
systems | linux, mandriva
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562, CVE-2013-0176
MD5 | 323add9179f17726606ebc2c6d1ab445
Slackware Security Advisory - libssh Updates
Posted Dec 10, 2012
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh packages are available for Slackware 14.0, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
MD5 | f6e2393d9ae6a6cbfd1072dec1ed4792
Debian Security Advisory 2577-1
Posted Dec 3, 2012
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2577-1 - Multiple vulnerabilities were discovered in libssh by Florian Weimer and Xi Wang.

tags | advisory, vulnerability
systems | linux, debian
advisories | CVE-2012-4559, CVE-2012-4561, CVE-2012-4562
MD5 | 30a0b04ea7ab07372d9910d9e8dfe119
Mandriva Linux Security Advisory 2012-175
Posted Nov 29, 2012
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2012-175 - Multiple double free(), buffer overflow, invalid free() and improper overflow checks vulnerabilities were found and corrected in libssh. The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues.

tags | advisory, overflow, vulnerability
systems | linux, mandriva
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
MD5 | 747a1a179e5e7611b3eaf978db71cf20
Ubuntu Security Notice USN-1640-1
Posted Nov 27, 2012
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1640-1 - Xi Wang and Florian Weimer discovered that libssh incorrectly handled memory. A remote attacker could use this to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562
MD5 | 3a7f6d5acc0e680f06e55adfafdf5f04
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

January 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    13 Files
  • 3
    Jan 3rd
    16 Files
  • 4
    Jan 4th
    39 Files
  • 5
    Jan 5th
    26 Files
  • 6
    Jan 6th
    40 Files
  • 7
    Jan 7th
    2 Files
  • 8
    Jan 8th
    16 Files
  • 9
    Jan 9th
    25 Files
  • 10
    Jan 10th
    28 Files
  • 11
    Jan 11th
    44 Files
  • 12
    Jan 12th
    32 Files
  • 13
    Jan 13th
    2 Files
  • 14
    Jan 14th
    4 Files
  • 15
    Jan 15th
    31 Files
  • 16
    Jan 16th
    15 Files
  • 17
    Jan 17th
    16 Files
  • 18
    Jan 18th
    24 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    5 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close