Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2014-8132 | 5.0 |
Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet. <a href="http://cwe.mitre.org/data/definitions/415.html">C
|
30-10-2018 - 16:27 | 29-12-2014 - 00:59 | |
CVE-2016-0739 | 4.3 |
libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH
|
09-12-2017 - 02:29 | 13-04-2016 - 17:59 | |
CVE-2015-3146 | 5.0 |
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted S
|
20-04-2016 - 15:07 | 13-04-2016 - 17:59 |