[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

libssh 0.6.5 has been released to address CVE-2015-3146

[Thread Prev] | [Thread Next]

[Date Prev] | [Date Next]

Subject: libssh 0.6.5 has been released to address CVE-2015-3146
From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
Reply-to: libssh@xxxxxxxxxx
Date: Thu, 30 Apr 2015 16:33:18 +0200
To: libssh@xxxxxxxxxx

ibssh versions 0.5.1 and above have a logical error in the handling of a 
SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A detected error did not set 
the session into the error state correctly and further processed the packet 
which leads to a null pointer dereference. This is the packet after the 
initial key exchange and doesn’t require authentication.

This could be used for a Denial of Service (DoS) attack.

The bug was found and reported by Mariusz Ziulek from the Open Web Application 
Security Project (OWASP).

https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/

-- 
Andreas Schneider                   GPG-ID: CC014E3D
www.cryptomilk.org                asn@xxxxxxxxxxxxxx

Archive administrator: postmaster@lists.cynapses.org