what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 6 of 6 RSS Feed

CVE-2014-0017

Status Candidate

Overview

The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision.

Related Files

Slackware Security Advisory - libssh Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New libssh packages are available for Slackware 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-0017, CVE-2014-8132
SHA-256 | d1c60898d3bb6fdb8ab9765889f38b999cc01a200e44d5db6df6716245d1769c
Mandriva Linux Security Advisory 2015-086
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-086 - When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id to the PRNG state, which is not guaranteed to be unique. The most important consequence is that servers using EC or DSA certificates may under certain conditions leak their private key. Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.

tags | advisory, remote, denial of service
systems | linux, mandriva
advisories | CVE-2014-0017, CVE-2014-8132
SHA-256 | 05034794c69e38df2effbf7e99ba466e4bdd8cd1c06e90c7380ffd81a37a83d6
Gentoo Linux Security Advisory 201408-03
Posted Aug 12, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201408-3 - A vulnerability in LibSSH can result in leakage of private key information. Versions less than 0.6.3 are affected.

tags | advisory
systems | linux, gentoo
advisories | CVE-2014-0017
SHA-256 | 8352f547da7a3cf848b8e227033600ae1aeea647697809d94f542b731d45e45a
Debian Security Advisory 2879-1
Posted Mar 14, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2879-1 - It was discovered that libssh, a tiny C SSH library, did not reset the state of the PRNG after accepting a connection. A server mode application that forks itself to handle incoming connections could see its children sharing the same PRNG state, resulting in a cryptographic weakness and possibly the recovery of the private key.

tags | advisory
systems | linux, debian
advisories | CVE-2014-0017
SHA-256 | dd19c9d7bfff0001fbdcba76e13bb535fcc99493ea338655b5c902a52dbaadfc
Mandriva Linux Security Advisory 2014-053
Posted Mar 13, 2014
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2014-053 - When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RAND_bytes() function of openssl doesn't reset its state after the fork, but simply adds the current process id to the PRNG state, which is not guaranteed to be unique. The most important consequence is that servers using EC or DSA certificates may under certain conditions leak their private key.

tags | advisory
systems | linux, mandriva
advisories | CVE-2014-0017
SHA-256 | e6dd6236b789502029d7c8ea18bc510ccd49917a0dfe6d3408d4f49046a1ed7f
Ubuntu Security Notice USN-2145-1
Posted Mar 12, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2145-1 - Aris Adamantiadis discovered that libssh allowed the OpenSSL PRNG state to be reused when implementing forking servers. This could allow an attacker to possibly obtain information about the state of the PRNG and perform cryptographic attacks.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2014-0017
SHA-256 | 95ffe26d0a11f3ae9be74f1583d0260e5c4fc05fe38a93d7c1bc3a7d8e7d3e3a
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close