CVE-2015-1782

EPSS 4.1%

libssh2 - security update

發布日:2015/3/13修改日:2026/4/28

也稱為:DEBIAN-CVE-2015-1782

描述

The kex_agree_methods function in libssh2 before 1.5.0 allows remote servers to cause a denial of service (crash) or have other unspecified impact via crafted length values in an SSH_MSG_KEXINIT packet.

受影響套件(3)

Debian/libssh2from 0, < 1.4.3-4.1
Debian/libssh2from 0, < 1.2.6-1+deb6u1
Debian/libssh2from 0, < 1.4.2-1.1+deb7u1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2015-1782