The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh prior to 0.6.5 do not properly validate state, which allows remote malicious users to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.
Vulnerable Product |
---|
libssh libssh |
canonical ubuntu linux 12.04 |
canonical ubuntu linux 15.10 |
canonical ubuntu linux 14.04 |
debian debian linux 8.0 |
debian debian linux 7.0 |
fedoraproject fedora 21 |
fedoraproject fedora 22 |