CVE-2019-3861
- EPSS 5.12%
- Veröffentlicht 25.03.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:44
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or...
CVE-2019-3860
- EPSS 5.12%
- Veröffentlicht 25.03.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:44
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
CVE-2019-3857
- EPSS 6.13%
- Veröffentlicht 25.03.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:43
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execut...
CVE-2019-3856
- EPSS 6.13%
- Veröffentlicht 25.03.2019 19:29:01
- Zuletzt bearbeitet 21.11.2024 04:42:43
An integer overflow flaw, which could lead to an out of bounds write, was discovered in libssh2 before 1.8.1 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client syst...
CVE-2019-3863
- EPSS 3.44%
- Veröffentlicht 25.03.2019 18:29:01
- Zuletzt bearbeitet 19.12.2025 04:15:59
A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by th...
CVE-2019-3858
- EPSS 6.45%
- Veröffentlicht 21.03.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:43
An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client mem...
CVE-2019-3855
- EPSS 9.22%
- Veröffentlicht 21.03.2019 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:42:43
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system wh...
CVE-2019-3862
- EPSS 8.11%
- Veröffentlicht 21.03.2019 16:01:04
- Zuletzt bearbeitet 21.11.2024 04:42:44
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Servic...
CVE-2019-3859
- EPSS 6.28%
- Veröffentlicht 21.03.2019 16:01:04
- Zuletzt bearbeitet 18.12.2025 12:15:53
An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the clien...
CVE-2016-0787
- EPSS 2.7%
- Veröffentlicht 13.04.2016 17:59:10
- Zuletzt bearbeitet 06.05.2026 22:30:45
The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes...