CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
93.9%
Mariusz Ziulek discovered that libssh incorrectly handled certain packets.
A remote attacker could possibly use this issue to cause libssh to crash,
resulting in a denial of service.
(CVE-2015-3146)
Aris Adamantiadis discovered that libssh incorrectly generated ephemeral
secret keys of 128 bits instead of the recommended 1024 or 2048 bits when
using the diffie-hellman-group1 and diffie-hellman-group14 methods. If a
remote attacker were able to perform a machine-in-the-middle attack, this flaw
could be exploited to view sensitive information. (CVE-2016-0739)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 15.10 | noarch | libssh-4 | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-4-dbgsym | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-dbg | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-dev | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-dev-dbgsym | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-doc | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-gcrypt-4 | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-gcrypt-4-dbgsym | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-gcrypt-dev | < 0.6.3-3ubuntu3.2 | UNKNOWN |
Ubuntu | 15.10 | noarch | libssh-gcrypt-dev-dbgsym | < 0.6.3-3ubuntu3.2 | UNKNOWN |
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
Confidence
High
EPSS
Percentile
93.9%