vulnerability
FreeBSD: VID-6E58E1E9-2636-413E-9F84-4C0E21143628 (CVE-2019-3855): libssh2 -- multiple issues
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Mar 14, 2019 | Jul 8, 2019 | Jul 8, 2019 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Mar 14, 2019
Added
Jul 8, 2019
Modified
Jul 8, 2019
Description
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.
Solution(s)
freebsd-upgrade-package-libssh2freebsd-upgrade-package-linux-c6-libssh2freebsd-upgrade-package-linux-c7-libssh2
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.