VulnerableCode Package Details - pkg:alpm/archlinux/libssh2@1.8.0-3

Search for packages

Vulnerability	Summary	Fixed by
VCID-97nz-s1q6-x3fc Aliases: CVE-2019-3861	Out-of-bounds Read An out-of-bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-bcba-qntz-gkez Aliases: CVE-2019-3863	Out-of-bounds Write A flaw was found in libssh2 A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out-of-bounds memory write error.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-f1me-9vqd-j7f6 Aliases: CVE-2019-3855	Out-of-bounds Write An integer overflow flaw which could lead to an out-of-bounds write was discovered in libssh2 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-gv2u-298u-jkcv Aliases: CVE-2019-3859	Out-of-bounds Read An out-of-bounds read flaw was discovered in libssh2 in the _libssh2_packet_require and _libssh2_packet_requirev functions. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-k1js-k8q3-ekb2 Aliases: CVE-2019-3860	Out-of-bounds Read An out-of-bounds read flaw was discovered in libssh2 in the way SFTP packets with empty payloads are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-mevw-g6yq-eqa8 Aliases: CVE-2019-3857	Out-of-bounds Write An integer overflow flaw which could lead to an out-of-bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-qjzc-2hvn-2qg3 Aliases: CVE-2019-3856	Out-of-bounds Write An integer overflow flaw, which could lead to an out-of-bounds write, was discovered in libssh2 in the way keyboard prompt requests are parsed. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-rv81-jwkz-w7b5 Aliases: CVE-2019-3858	Out-of-bounds Read An out-of-bounds read flaw was discovered in libssh2 when a specially crafted SFTP packet is received from the server. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.	1.8.1-1 Affected by 0 other vulnerabilities.
VCID-sy5b-nfqk-6ucm Aliases: CVE-2019-3862	Out-of-bounds Read An out-of-bounds read flaw was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.	1.8.1-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-97nz-s1q6-x3fc
Aliases:
CVE-2019-3861

Out-of-bounds Read An out-of-bounds read flaw was discovered in libssh2 in the way SSH packets with a padding length value greater than the packet length are parsed. A remote attacker who compromises a SSH server may be able to cause a Denial of Service or read data in the client memory.