Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
6.8
CVSSv2

CVE-2015-1782

Published: 13/03/2015 Updated: 13/02/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Debian Linux

Vulnerability Summary

The kex_agree_methods function in libssh2 prior to 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.

Vulnerable Product Search on Vulmon Subscribe to Product

debian debian linux 7.0

libssh2 libssh2

fedoraproject fedora 22

fedoraproject fedora 20

fedoraproject fedora 21

Vendor Advisories

Red Hat: Low: libssh2 security and bug fix update
Synopsis Low: libssh2 security and bug fix update Type/Severity Security Advisory: Low Topic Updated libssh2 packages that fix one security issue and two bugs are nowavailable for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having Low securityimpact A Common Vulnerability S ...
Debian CVElist Bug Report Logs: libssh2: CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded
Debian Bug report logs - #780249 libssh2: CVE-2015-1782: Using SSH_MSG_KEXINIT data unbounded Package: src:libssh2; Maintainer for src:libssh2 is Mikhail Gusarov <dottedmag@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 11 Mar 2015 07:51:02 UTC Severity: grave Tags: fixed-upstream, patc ...
Debian Security Advisories: DSA-3182-1 libssh2 -- security update
Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSH_MSG_KEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server A malicious attacker could man in the middle a real server and cause a client using the libssh2 library to crash (denial of service) or othe ...
Red Hat: CVE-2015-1782
A flaw was found in the way the kex_agree_methods() function of libssh2 performed a key exchange when negotiating a new SSH session A man-in-the-middle attacker could use a crafted SSH_MSG_KEXINIT packet to crash a connecting libssh2 client ...

Github Repositories

https://github.com/mzet-/Security-Advisories

Publicly disclosed vulnerabilities I discovered in open source software

Security Advisories Upstream (libssh2) Security Advisory - Using SSH_MSG_KEXINIT data unbounded (CVE-2015-1782) Upstream (libssh) Security Advisory - Possible double free on a dangling pointer with crafted kexinit packet (CVE-2015-3146) MZET-ADV-2017-01 - Multiple memory corruption issues in Artifex MuPDF ver 1120 (CVE-2017-17858)

References

CWE-20http://www.debian.org/security/2015/dsa-3182http://www.libssh2.org/adv_20150311.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/151943.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/152362.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-March/153933.htmlhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:148http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.securityfocus.com/bid/73061https://access.redhat.com/errata/RHSA-2015:2140https://www.debian.org/security/./dsa-3182https://nvd.nist.govhttps://github.com/mzet-/Security-Advisorieshttps://access.redhat.com/security/cve/cve-2015-1782
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook