CVE-2016-0787

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html

http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html

http://www.debian.org/security/2016/dsa-3487

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/bid/82514

https://bto.bluecoat.com/security-advisory/sa120

https://kc.mcafee.com/corporate/index?page=content&id=SB10156

https://puppet.com/security/cve/CVE-2016-0787

https://security.gentoo.org/glsa/201606-12

https://www.libssh2.org/adv_20160223.html

https://www.libssh2.org/CVE-2016-0787.patch

Details

Source: MITRE

Published: 2016-04-13

Updated: 2018-10-30

Type: CWE-200

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
124932EulerOS Virtualization 3.0.1.0 : libssh2 (EulerOS-SA-2019-1429)NessusHuawei Local Security Checks
high
124896EulerOS Virtualization for ARM 64 3.0.1.0 : libssh2 (EulerOS-SA-2019-1393)NessusHuawei Local Security Checks
high
99768EulerOS 2.0 SP1 : libssh2 (EulerOS-SA-2016-1005)NessusHuawei Local Security Checks
medium
92876F5 Networks BIG-IP : libssh2 vulnerability (K21531693)NessusF5 Networks Local Security Checks
medium
92558Tenable SecurityCenter < 5.4.0 Multiple Vulnerabilities (TNS-2016-12)NessusMisc.
high
91843GLSA-201606-12 : libssh and libssh2: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
90365Amazon Linux AMI : libssh2 (ALAS-2016-683)NessusAmazon Linux Local Security Checks
medium
90166openSUSE Security Update : libssh2_org (openSUSE-2016-388)NessusSuSE Local Security Checks
medium
89923SUSE SLED11 / SLES11 Security Update : libssh2_org (SUSE-SU-2016:0723-1)NessusSuSE Local Security Checks
medium
89922SUSE SLED12 / SLES12 Security Update : libssh2_org (SUSE-SU-2016:0718-1)NessusSuSE Local Security Checks
medium
89863Scientific Linux Security Update : libssh2 on SL6.x, SL7.x i386/x86_64 (20160310)NessusScientific Linux Local Security Checks
medium
89860OracleVM 3.3 / 3.4 : libssh2 (OVMSA-2016-0035)NessusOracleVM Local Security Checks
medium
89858Oracle Linux 6 / 7 : libssh2 (ELSA-2016-0428)NessusOracle Linux Local Security Checks
medium
89849CentOS 6 / 7 : libssh2 (CESA-2016:0428)NessusCentOS Local Security Checks
medium
89820RHEL 6 / 7 : libssh2 (RHSA-2016:0428)NessusRed Hat Local Security Checks
medium
89802Fedora 22 : libssh2-1.5.0-2.fc22 (2016-7942ee2cc5)NessusFedora Local Security Checks
medium
89652openSUSE Security Update : libssh2_org (openSUSE-2016-295)NessusSuSE Local Security Checks
medium
89491Fedora 23 : libssh2-1.6.0-4.fc23 (2016-215a2219b1)NessusFedora Local Security Checks
medium
88915Debian DSA-3487-1 : libssh2 - security updateNessusDebian Local Security Checks
medium
88914Debian DLA-426-1 : libssh2 security updateNessusDebian Local Security Checks
medium