Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2021-3634  

A security issue has been found in libssh before version 0.9.6. An attacker can request a rekey with a key exchange algorithm with a digest of a different size, causing libssh reading or writing behind the buffer limits.

Source
Severity Medium

Remote Yes

Type Arbitrary code execution

Description 

A security issue has been found in libssh before version 0.9.6. An attacker can request a rekey with a key exchange algorithm with a digest of a different size, causing libssh reading or writing behind the buffer limits.

AVG-2324 libssh 0.9.5-1 Medium Vulnerable 

https://www.libssh.org/security/advisories/CVE-2021-3634.txt
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35485
https://git.libssh.org/projects/libssh.git/commit/?id=d3060bc84ed4e160082e819b4d404f76df7c8063

Workaround
==========

The only temporary workaround is to enable key exchange algorithms with the same digest size, for example for SHA256:

rc = ssh_options_set(s->ssh.session, SSH_OPTIONS_KEY_EXCHANGE, "diffie-hellman-group14-sha256,curve25519-sha256,ecdh-sha2-nistp256");

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started