[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libssh 0.6.5 has been released to address CVE-2015-3146

ibssh versions 0.5.1 and above have a logical error in the handling of a 
SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A detected error did not set 
the session into the error state correctly and further processed the packet 
which leads to a null pointer dereference. This is the packet after the 
initial key exchange and doesn’t require authentication.

This could be used for a Denial of Service (DoS) attack.

The bug was found and reported by Mariusz Ziulek from the Open Web Application 
Security Project (OWASP).


Andreas Schneider                   GPG-ID: CC014E3D
www.cryptomilk.org                asn@xxxxxxxxxxxxxx

Archive administrator: postmaster@lists.cynapses.org