Remote Denial of Service in libssh Affecting Multiple Releases
CVE-2014-8132

Currently unrated

Key Information:

Vendor: Libssh
Status: Libssh
Vendor: CVE Published:; 29 December 2014

What is CVE-2014-8132?

The vulnerability exists in the ssh_packet_kexinit function within kex.c in libssh versions 0.5.x and 0.6.x prior to 0.6.4. It enables remote attackers to exploit crafted kexinit packets, potentially leading to a denial of service. This flaw exemplifies the importance of robust packet handling and validation in security protocols.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1158089

x_refsource_CONFIRM

http://www.ubuntu.com/usn/USN-2478-1

vendor-advisoryx_refsource_UBUNTU

https://security.gentoo.org/glsa/201606-12

vendor-advisoryx_refsource_GENTOO

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 29, 2014
Vulnerability Reserved
Oct 10, 2014

CVE-2014-8132 Data

JSON

Libssh

What is CVE-2014-8132?

References

Timeline