Page 2 of 12 results (0.007 seconds)

CVSS: 1.9EPSS: 0%CPEs: 12EXPL: 0

The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision. La función RAND_bytes en libssh anterior a 0.6.3, cuando la creación de procesos (“forking”) está habilitada, no restablece debidamente el estado del generador de números pseudo-aleatorios OpenSSL (PRNG), lo que causa que el estado se comparte entre procesos de niños y permite a usuarios locales obtener información sensible mediante el aprovechamiento de una colisión pid. • http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html http://secunia.com/advisories/57407 http://www.debian.org/security/2014/dsa-2879 http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release http://www.openwall.com/lists/oss-security/2014/03/05/1 http://www.ubuntu.com/usn/USN-2145-1 https://bugzilla.redhat.com/show_bug.cgi?id=1072191 • CWE-310: Cryptographic Issues •

CVSS: 4.3EPSS: 2%CPEs: 7EXPL: 0

The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet. La función publickey_from_privatekey en libssh anterior a v0.5.4, cuando ningun algoritmo coincide durante la negociacion, permite a atacantes remotos causar una denegación de servicio (referencia NULL y caída de la aplicación) mediante un paquete "Client: Diffie-Hellman Key Exchange Init" • http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098065.html http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098094.html http://secunia.com/advisories/51982 http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release http://www.ubuntu.com/usn/USN-1707-1 https://exchange.xforce.ibmcloud.com/vulnerabilities/81595 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 6%CPEs: 6EXPL: 0

Double free vulnerability in the sftp_mkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559. Vulnerabilidad de doble liberación en la función sftp_mkdir en sftp.c en libssh antes de v0.5.3 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de vectores no especificados, un vector diferente de CVE-2012-4559. • http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=4d8420f3282ed07fc99fc5e930c17df27ef1e9b2 http://www.debian.org/security/2012/dsa-2577 http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release https://bugzilla.redhat.com/show_bug.cgi?id=871612 • CWE-399: Resource Management Errors •

CVSS: 7.5EPSS: 11%CPEs: 6EXPL: 0

Multiple buffer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer en libssh antes de v0.5.3 permiten a atacantes remotos provocar una denegación de servicio (caída) o posiblemente ejecutar código arbitrario a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release http://www.mandriva.com/security/advisories?name=MDVSA-2012:175 htt • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 10%CPEs: 6EXPL: 0

The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors. Las funciones (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign y (5) ssh_sign_session_id en keys.c en libssh en versiones anteriores a la 0.5.3 liberan "un puntero no válido en una ruta errónea", lo que podría permitir a atacantes remotos provocar una denegación de servicio (caída) a través de vectores no especificados. • http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html http://www.debian.org/security/2012/dsa-2577 http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release http://www. •