CVE-2019-3862
libssh2: Out-of-bounds memory comparison with specially crafted message channel request
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Se ha descubierto un error de lectura fuera de límites en libssh2, en versiones anteriores a la 1.8.1, en la forma en la que se analizan los paquetes SSH_MSG_CHANNEL_REQUEST con un mensaje de estado de salida y sin carga útil. Un atacante remoto que comprometa un servidor SSH podría ser capaz de provocar una denegación de servicio o una lectura de datos en la memoria del cliente.
An out of bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-03 CVE Reserved
- 2019-03-19 CVE Published
- 2024-08-04 CVE Updated
- 2024-09-19 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-125: Out-of-bounds Read
- CWE-130: Improper Handling of Length Parameter Inconsistency
CAPEC
References (20)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/107485 | Third Party Advisory | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3862 | Issue Tracking | |
| https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html | Mailing List |
|
| https://seclists.org/bugtraq/2019/Apr/25 | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20190327-0005 | Third Party Advisory |
|
| https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2019-767 | Third Party Advisory | |
| https://www.oracle.com/security-alerts/cpujan2020.html | X_refsource_misc |
|
| https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html | X_refsource_misc |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.html | 2023-11-07 | |
| http://www.openwall.com/lists/oss-security/2019/03/18/3 | 2023-11-07 | |
| https://seclists.org/bugtraq/2019/Mar/25 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Libssh2 Search vendor "Libssh2" | Libssh2 Search vendor "Libssh2" for product "Libssh2" | < 1.8.1 Search vendor "Libssh2" for product "Libssh2" and version " < 1.8.1" | - |
Affected
| ||||||
| Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 29 Search vendor "Fedoraproject" for product "Fedora" and version "29" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Ontap Select Deploy Administration Utility Search vendor "Netapp" for product "Ontap Select Deploy Administration Utility" | - | - |
Affected
| ||||||
| Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.3 Search vendor "Opensuse" for product "Leap" and version "42.3" | - |
Affected
| ||||||