CVE-2019-3855

HIGH

libssh2 < 1.8.1 - Remote Code Execution via Integer Overflow in Packet Handling

Title source: llm
STIX 2.1

Description

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

References (27)

Core 27
Core References
Mailing List, Patch, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2019/03/18/3
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Mar/25
Patch, Vendor Advisory x_refsource_misc
https://www.libssh2.org/CVE-2019-3855.html
Issue Tracking, Patch, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3855
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/107485
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190327-0005/
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:0679
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2019/dsa-4431
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Apr/25
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1175
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1652
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1791
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1943
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2399
Third Party Advisory x_refsource_confirm
https://support.apple.com/kb/HT210609
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
https://seclists.org/bugtraq/2019/Sep/49
Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2019/Sep/42

Scores

CVSS v3 8.8
EPSS 0.1624
EPSS Percentile 94.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-190 CWE-787
Status published
Products (18)
apple/xcode < 11.0
debian/debian_linux 8.0
debian/debian_linux 9.0
fedoraproject/fedora 28
fedoraproject/fedora 29
fedoraproject/fedora 30
libssh2/libssh2 < 1.8.1
netapp/ontap_select_deploy_administration_utility
opensuse/leap 42.3
oracle/peoplesoft_enterprise_peopletools 8.56
... and 8 more
Published Mar 21, 2019
Tracked Since Feb 18, 2026