libssh-0.9.4-2.el8
Errata ID: AXSA:2021-1281:01
Release date:
2021/01/21 Thursday - 05:42
Title:
libssh-0.9.4-2.el8
Affected channels:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
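The following issues have been addressed.
[Security Fix]
- The libssh API function ssh_scp_new() passes the command to the server side
without proper quoting, so an attacker who can control the arguments to the function
can execute arbitrary commands on the remote target. (CVE-2019-14889)
- libssh mishandles the AES-CTR (or DES, if enabled) ciphers when a connection is
closed before its initialization has completed, and may crash when the system
tries to clean up the ciphers. (CVE-2020-1730)
Solution:
Update the packages.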
CVE:
CVE-2019-14889
A flaw was found with the libssh API function ssh_scp_new() in versions before 0.9.3 and before 0.8.8. When the libssh SCP client connects to a server, the scp command, which includes a user-provided path, is executed on the server-side. In case the library is used in a way where users can influence the third parameter of the function, it would become possible for an attacker to inject arbitrary commands, leading to a compromise of the remote target.
CVE-2020-1730
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.
Additional information:
N/A
Downloads:
SRPMS
- libssh-0.9.4-2.el8.src.rpm
MD5: 60a3ad36b55c6eab374386f50bbdd75d
SHA-256: a142ecdc2cb86d867f1636229c4ca2f0900b146c543dcafa61491b0052a105a5
Size: 520.45 kB
Asianux Server 8 for x86_64
- libssh-0.9.4-2.el8.x86_64.rpm
MD5: 62dea25c0b340e30edf4eb316da7eb56
SHA-256: 4ddfd67a7d461bacf22c085253be70bc23756b1ba22c539dc062433aa738f1f9
Size: 213.43 kB
- libssh-config-0.9.4-2.el8.noarch.rpm
MD5: dc53543064d1052efba9b03d277a7cf1
SHA-256: a8784d7ad6d990dbfbce9c5d2bc11a1aec1b83964cd6bd2610aa2f7f32622de9
Size: 17.37 kB
- libssh-devel-0.9.4-2.el8.x86_64.rpm
MD5: 10d32110acb6e6a958fb93cb3e7a4f92
SHA-256: b7b94474d77470e1f3a140336bf31f84861aad250f7196f27ed4642e588b74e1
Size: 436.41 kB
- libssh-0.9.4-2.el8.i686.rpm
MD5: 51609eb9611b52ac457fce6bb6d32a38
SHA-256: cd00fc3e8546b9b52856ffbc4a7b40f3894b94dd532587df02a3c245ab0bbef1
Size: 233.09 kB
- libssh-devel-0.9.4-2.el8.i686.rpm
MD5: 17f343fe246e2f20cf60583b69d8418d
SHA-256: 9964b5979209a7d5bf20be5707f82e7a643471a14ce89acddacc4da8ef3c7b0a
Size: 436.47 kB