CVE-2013-0176
CVE-2013-0176
The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098065.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2013-February/098094.htmlhttp://secunia.com/advisories/51982https://exchange.xforce.ibmcloud.com/vulnerabilities/81595http://www.libssh.org/2013/01/22/libssh-0-5-4-security-release/http://www.ubuntu.com/usn/USN-1707-1