Test ID:	1.3.6.1.4.1.25623.1.0.72623
Category:	Mandrake Local Security Checks
Title:	Mandriva Security Advisory MDVSA-2012:175 (libssh)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libssh announced via advisory MDVSA-2012:175. Multiple double free(), buffer overflow, invalid free() and improper overflow checks vulnerabilities was found and corrected in libssh (CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562). The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues. Affected: 2011. Solution: To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. http://www.securityspace.com/smysecure/catid.html?in=MDVSA-2012:175 Risk factor : High
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2012-4559 BugTraq ID: 56604 http://www.securityfocus.com/bid/56604 Debian Security Information: DSA-2577 (Google Search) http://www.debian.org/security/2012/dsa-2577 http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093313.html http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093474.html http://www.mandriva.com/security/advisories?name=MDVSA-2012:175 https://bugzilla.redhat.com/show_bug.cgi?id=871612 http://www.openwall.com/lists/oss-security/2012/11/20/3 SuSE Security Announcement: openSUSE-SU-2012:1620 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-12/msg00002.html SuSE Security Announcement: openSUSE-SU-2012:1622 (Google Search) http://lists.opensuse.org/opensuse-updates/2012-12/msg00016.html SuSE Security Announcement: openSUSE-SU-2013:0130 (Google Search) http://lists.opensuse.org/opensuse-updates/2013-01/msg00021.html http://www.ubuntu.com/usn/USN-1640-1 XForce ISS Database: libssh-code-execution(80218) https://exchange.xforce.ibmcloud.com/vulnerabilities/80218 Common Vulnerability Exposure (CVE) ID: CVE-2012-4560 56604 FEDORA-2012-18610 FEDORA-2012-18677 MDVSA-2012:175 USN-1640-1 [oss-security] 20121120 libssh 0.5.3 release fixes multiple security issues http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/ https://bugzilla.redhat.com/show_bug.cgi?id=871614 libssh-multiple-bo(80219) https://exchange.xforce.ibmcloud.com/vulnerabilities/80219 openSUSE-SU-2012:1620 openSUSE-SU-2012:1622 openSUSE-SU-2013:0130 Common Vulnerability Exposure (CVE) ID: CVE-2012-4561 https://bugzilla.redhat.com/show_bug.cgi?id=871617 XForce ISS Database: libssh-multiple-dos(80220) https://exchange.xforce.ibmcloud.com/vulnerabilities/80220 Common Vulnerability Exposure (CVE) ID: CVE-2012-4562 https://bugzilla.redhat.com/show_bug.cgi?id=871620 SuSE Security Announcement: SUSE-SU-2012:1520 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-11/msg00015.html XForce ISS Database: libssh-buffer-bo(80221) https://exchange.xforce.ibmcloud.com/vulnerabilities/80221
Copyright	Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.