CVE-2016-0739

Published: 13/04/2016 Updated: 09/12/2017
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

libssh prior to 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

Vulnerable Product

redhat enterprise linux 7.0

canonical ubuntu linux 15.10

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

libssh libssh

fedoraproject fedora 23

fedoraproject fedora 22

debian debian linux 8.0

debian debian linux 7.0

Vendor Advisories

Debian Bug report logs - #815663: libssh: CVE-2016-0739: Weak Diffie-Hellman secret generation. Package: src:libssh; Maintainer for src:libssh is Laurent Bigonville <bigon@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Tue, 23 Feb 2016 13:27:19 UTC; Severity: grave; Tags: fixed-upstream, patch, ...

Several security issues were fixed in libssh ...

Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. This flaw could allow an eavesdropper with enough re ...

A type confusion issue was found in the way libssh generated ephemeral secrets for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This would cause an SSHv2 Diffie-Hellman handshake to use significantly less secure random parameters ...

SecurityCenter uses third-party libraries to provide certain standardized functionality. Two of these libraries were found to contain vulnerabilities and were fixed upstream. Those fixes have been integrated despite there being no known exploitation scenarios related to SecurityCenter. cURL / libcurl DLL Hijacking Arbitrary Code Execution cURL / l ...

Github Repositories

Guile-SSH is a library that provides access to the SSH protocol for GNU Guile programs.

Guile-SSH is a library that provides access to the SSH protocol for programs written in GNU Guile interpreter. It is built upon the libssh library. Features: The API that is sufficient for building of standalone SSH clients and servers, or for embedding client/server functionality in your lispy Scheme applications. Several authentication methods are sup