CVE Vulnerabilities

CVE-2014-8132

Published: Dec 29, 2014 | Modified: Oct 30, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Double free vulnerability in the ssh_packet_kexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet.

Affected Software

Name Vendor Start Version End Version
Libssh Libssh 0.6.1 0.6.1
Libssh Libssh 0.6.3 0.6.3
Libssh Libssh 0.6.0 0.6.0
Libssh Libssh 0.5.3 0.5.3
Libssh Libssh 0.5.2 0.5.2
Libssh Libssh 0.5.0 0.5.0
Libssh Libssh 0.5.5 0.5.5
Libssh Libssh 0.6.2 0.6.2
Libssh Libssh 0.5.4 0.5.4

References