CVE-2019-3859
CVE-2019-3859
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Affected products
The libssh2 Project · libssh2public PoCs found — 1
cve_referencepacketstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00102.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00103.htmlhttp://packetstormsecurity.com/files/152136/Slackware-Security-Advisory-libssh2-Updates.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3859https://lists.debian.org/debian-lts-announce/2019/03/msg00032.htmlhttps://lists.debian.org/debian-lts-announce/2019/04/msg00006.htmlhttps://lists.debian.org/debian-lts-announce/2019/07/msg00024.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XCWEA5ZCLKRDUK62QVVYMFWLWKOPX3LO/https://seclists.org/bugtraq/2019/Apr/25