CVSS: 5.9EPSS: 0%CPEs: 9EXPL: 0CVE-2016-0739 – libssh: bits/bytes confusion resulting in truncated Difffie-Hellman secret length
https://notcve.org/view.php?id=CVE-2016-0739
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug." libssh en versiones anteriores a 0.7.3 trunca de manera incorrecta secretos efímeros generados para los métodos de intercambio de clave (1) diffie-hellman-group1 y (2) diffie-hellman-group14 a 128 bits, lo que hace más fácil a atacantes man-in-the-middle descifrar o interceptar sesiones SSH a través de vectores no especificados, también conocido como "bits/bytes confusion bug". A type confusion issue was found in the way libssh generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters. • http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178058.html http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178822.html http://lists.opensuse.org/opensuse-updates/2016-03/msg00111.html http://rhn.redhat.com/errata/RHSA-2016-0566.html http://www.debian.org/security/2016/dsa-3488 http://www.ubuntu.com/usn/USN-2912-1 https://puppet.com/security/cve/CVE-2016-0739 https://security.gentoo.org/glsa/201606-12 https://www.libssh.org/2016/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-704: Incorrect Type Conversion or Cast •
CVSS: 5.0EPSS: 9%CPEs: 20EXPL: 0CVE-2014-8132
https://notcve.org/view.php?id=CVE-2014-8132
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet. Vulnerabilidad de doble liberación en la función ssh_packet_kexinit en kex.c en libssh 0.5.x y 0.6.x anterior a 0.6.4 permite a atacantes remotos causar una denegación de servicio a través del paquete modificado kexinit. • http://advisories.mageia.org/MGASA-2015-0014.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147367.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147452.html http://lists.fedoraproject.org/pipermail/package-announce/2015-January/147464.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00007.html http://secunia.com/advisories/60838 http://www.debian.org/security/2016/dsa-3488 http://www.libssh.org/2014/12/19/libssh-0-6-4-secu •
CVSS: 1.9EPSS: 0%CPEs: 12EXPL: 0CVE-2014-0017
https://notcve.org/view.php?id=CVE-2014-0017
The RAND_bytes function in libssh before 0.6.3, when forking is enabled, does not properly reset the state of the OpenSSL pseudo-random number generator (PRNG), which causes the state to be shared between children processes and allows local users to obtain sensitive information by leveraging a pid collision. La función RAND_bytes en libssh anterior a 0.6.3, cuando la creación de procesos (“forking”) está habilitada, no restablece debidamente el estado del generador de números pseudo-aleatorios OpenSSL (PRNG), lo que causa que el estado se comparte entre procesos de niños y permite a usuarios locales obtener información sensible mediante el aprovechamiento de una colisión pid. • http://lists.opensuse.org/opensuse-updates/2014-03/msg00036.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00040.html http://secunia.com/advisories/57407 http://www.debian.org/security/2014/dsa-2879 http://www.libssh.org/2014/03/04/libssh-0-6-3-security-release http://www.openwall.com/lists/oss-security/2014/03/05/1 http://www.ubuntu.com/usn/USN-2145-1 https://bugzilla.redhat.com/show_bug.cgi?id=1072191 • CWE-310: Cryptographic Issues •