[X2Go-Dev] libssh 0.6.5 has been released to address CVE-2015-3146
Michael DePaulo
mikedep333 at gmail.com
Mon May 4 14:34:07 CEST 2015
On Thu, Apr 30, 2015 at 11:35 AM, Michael DePaulo <mikedep333 at gmail.com> wrote:
> Sent from my Android Smartphone
>
> ---------- Forwarded message ----------
> From: "Andreas Schneider" <asn at cryptomilk.org>
> Date: Apr 30, 2015 10:33 AM
> Subject: libssh 0.6.5 has been released to address CVE-2015-3146
> To: <libssh at libssh.org>
> Cc:
>
> ibssh versions 0.5.1 and above have a logical error in the handling of a
> SSH_MSG_NEWKEYS and SSH_MSG_KEXDH_REPLY package. A detected error did not
> set
> the session into the error state correctly and further processed the packet
> which leads to a null pointer dereference. This is the packet after the
> initial key exchange and doesn’t require authentication.
>
> This could be used for a Denial of Service (DoS) attack.
>
> The bug was found and reported by Mariusz Ziulek from the Open Web
> Application
> Security Project (OWASP).
>
> https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
>
> --
> Andreas Schneider GPG-ID: CC014E3D
> www.cryptomilk.org asn at cryptomilk.org
>
>
I asked on IRC (#libssh on FreeNode) if it affects the ssh client
functionality. They said it affects both server and client.
I find a DoS attack on a client to be a bit odd, but I will update
libssh anyway for X2Go Client for Windows 4.0.3.2-YYYYMMDD anyway.
More information about the x2go-dev
mailing list