Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2019-3860
Description:An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.
Test IDs: 1.3.6.1.4.1.25623.1.0.891730   1.3.6.1.4.1.25623.1.0.852588   1.3.6.1.4.1.25623.1.1.4.2019.1606.2   1.3.6.1.4.1.25623.1.1.4.2019.1606.1   1.3.6.1.4.1.25623.1.1.4.2019.14099.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-3860
Bugtraq: 20190415 [SECURITY] [DSA 4431-1] libssh2 security update (Google Search)
https://seclists.org/bugtraq/2019/Apr/25
Debian Security Information: DSA-4431 (Google Search)
https://www.debian.org/security/2019/dsa-4431
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/
https://www.libssh2.org/CVE-2019-3860.html
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00028.html
SuSE Security Announcement: openSUSE-SU-2019:1075 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
SuSE Security Announcement: openSUSE-SU-2019:1109 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
SuSE Security Announcement: openSUSE-SU-2019:1640 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00072.html




© 1998-2024 E-Soft Inc. All rights reserved.