Detections
Analytics
Fedora 29 : libssh2 (2019-5885663621)
high Nessus Plugin ID 127512
Language:
Synopsis
The remote Fedora host is missing a security update.Description
A vulnerability was discovered in libssh2 before 1.9.0, `kex_method_diffie_hellman_group_exchange_sha256_key_exchange` in `kex.c` has an integer overflow that could lead to an out-of-bounds write in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.This is related to an `_libssh2_check_length` mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.
This update, to the latest current upstream release 1.9.0, addresses this security issue and also includes a number of other bug fixes and enhancements as described in the package changelog.
Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected libssh2 package.See Also
https://bodhi.fedoraproject.org/updates/FEDORA-2019-5885663621
Plugin Details
Severity: High
ID: 127512
File Name: fedora_2019-5885663621.nasl
Version: 1.3
Type: local
Agent: unix
Family: Fedora Local Security Checks
Published: 8/12/2019
Updated: 1/6/2020
Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS v3
Risk Factor: High
Base Score: 8.8
Temporal Score: 7.7
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: p-cpe:/a:fedoraproject:fedora:libssh2, cpe:/o:fedoraproject:fedora:29
Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list
Exploit Ease: No known exploits are available
Patch Publication Date: 8/4/2019
Vulnerability Publication Date: 3/21/2019
Reference Information
CVE: CVE-2019-13115, CVE-2019-3855
FEDORA: 2019-5885663621