Debian DSA-3488-1 : libssh - security update

Medium Nessus Plugin ID 88916

Synopsis

The remote Debian host is missing a security-related update.

Description

Aris Adamantiadis discovered that libssh, a tiny C SSH library, incorrectly generated a short ephemeral secret for the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods.
The resulting secret is 128 bits long, instead of the recommended sizes of 1024 and 2048 bits respectively. This flaw could allow an eavesdropper with enough resources to decrypt or intercept SSH sessions.

Solution

Upgrade the libssh packages.

For the oldstable distribution (wheezy), this problem has been fixed in version 0.5.4-1+deb7u3. This update also includes fixes for CVE-2014-8132 and CVE-2015-3146, which were previously scheduled for the next wheezy point release.

For the stable distribution (jessie), this problem has been fixed in version 0.6.3-4+deb8u2.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=815663

https://security-tracker.debian.org/tracker/CVE-2014-8132

https://security-tracker.debian.org/tracker/CVE-2015-3146

https://packages.debian.org/source/wheezy/libssh

https://packages.debian.org/source/jessie/libssh

https://www.debian.org/security/2016/dsa-3488

Plugin Details

Severity: Medium

ID: 88916

File Name: debian_DSA-3488.nasl

Version: 2.4

Type: local

Agent: unix

Published: 2016/02/24

Updated: 2018/11/10

Dependencies: 12634

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

CVSS v3.0

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:libssh, cpe:/o:debian:debian_linux:7.0, cpe:/o:debian:debian_linux:8.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Patch Publication Date: 2016/02/23

Reference Information

CVE: CVE-2016-0739

DSA: 3488