CVE-2019-17498

Published: 21/10/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.2 | Exploitability Score: 2.8
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:P

Vulnerability Summary

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling a malicious user to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

Vulnerable Product

libssh2 libssh2

fedoraproject fedora 30

fedoraproject fedora 31

opensuse leap 15.1

debian debian linux 8.0

debian debian linux 9.0

netapp element software -

netapp ontap select deploy administration utility -

netapp solidfire -

netapp hci management node -

netapp active iq unified manager -

netapp bootstrap_os -

Vendor Advisories

Debian Bug report logs - #943562 libssh2: CVE-2019-17498 Package: src:libssh2; Maintainer for src:libssh2 is Mikhail Gusarov <dottedmag@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Sat, 26 Oct 2019 14:48:02 UTC Severity: important Tags: security, upstream Found in version libssh2/1.8.0-2 ...
Synopsis Low: OpenShift Container Platform 4.3.40 security and bug fix update. Type/Severity Security Advisory: Low. Topic: An update is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring S ...
Synopsis Moderate: security update - Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874). Type/Severity Security Advisory: Moderate. Topic: Red Hat Ansible Tower 3.6 runner release (CVE-2019-18874). Description: Updated python-psutil version to 5.6.6 inside ansible-runner container (CVE-20 ...
Synopsis Moderate: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874). Type/Severity Security Advisory: Moderate. Topic: Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874). Description: Updated python-psutil version to 5.6.6 inside ansible-runner container (CVE-2 ...
Synopsis Moderate: libssh2 security update. Type/Severity Security Advisory: Moderate. Topic: An update for libssh2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, wh ...
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system w ...
An out-of-bounds read has been found in libssh2 <= 1.9.0, when libssh2 is used to connect to a malicious server, leading to denial of service or information disclosure ...

Github Repositories

cits3007 assignments

CITS3007 Project 2022 Changes since version 01: • Link to rubric • Allow markdown • Change 1(d) from “show” to “indicate” • Clarify structure of a “scores” field line • Clarify that lseek is also an option for file