← back
CVE-2013-0176

CVE-2013-0176

EPSS 3.0%
The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098065.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-February/098094.htmlhttp://secunia.com/advisories/51982https://exchange.xforce.ibmcloud.com/vulnerabilities/81595http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/http://www.ubuntu.com/usn/USN-1707-1