- Home
- CVEs with nessus.description==Andreas Schneider reported that libssh2, an SSH2 protocol implementation used by many applications, did not generate sufficiently long Diffie-Hellman secrets.
This vulnerability could be exploited by an eavesdropper to decrypt and to intercept SSH sessions.
For the oldoldstable distribution (squeeze), this has been fixed in version 1.2.6-1 deb6u2. Although the changelog refers to 'sha256', this version only supports DH SHA-1 key exchange and it is that key exchange method that has been fixed.
For the oldstable (wheezy) and stable (jessie) distributions, this will be fixed soon.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top