LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Kernel prepatch 3.9-rc6

LWN.net Weekly Edition for April 4, 2013

LWN.net Weekly Edition for March 28, 2013

A kernel change breaks GlusterFS

PyCon: Evangelizing Python

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

libssh: code execution

Package(s):libssh CVE #(s):CVE-2012-4559 CVE-2012-4560 CVE-2012-4561 CVE-2012-4562
Created:November 27, 2012 Updated:December 6, 2012
Description: From the Ubuntu advisory:

Xi Wang and Florian Weimer discovered that libssh incorrectly handled memory. A remote attacker could use this to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562)

Alerts:
Ubuntu USN-1640-1 2012-11-26
Fedora FEDORA-2012-18677 2012-11-29
Mandriva MDVSA-2012:175 2012-11-29
Mageia MGASA-2012-0344 2012-11-29
Debian DSA-2577-1 2012-12-01
Fedora FEDORA-2012-18687 2012-12-06
openSUSE openSUSE-SU-2012:1620-1 2012-12-07
openSUSE openSUSE-SU-2012:1622-1 2012-12-07
Slackware SSA:2012-341-02 2012-12-06
openSUSE openSUSE-SU-2013:0130-1 2013-01-23
Mandriva MDVSA-2013:045 2013-04-05
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds