cve/CVE-2019-17498.md at 410e68ca9dddb67493d84ae4fe8e1a9e392594db

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server.

POC

Reference

http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html
http://packetstormsecurity.com/files/172835/libssh2-1.9.0-Out-Of-Bounds-Read.html

Github

https://github.com/Huluwa-kong/cits3007
https://github.com/InesMartins31/iot-cves
https://github.com/Timon-L/3007Project
https://github.com/alphaSeclab/sec-daily-2019

1.1 KiB Raw Blame History

CVE-2019-17498

Description

POC

Reference

Github

1.1 KiB

Raw Blame History