← Back

CVE-2019-13115

nvd nist
Published: Jul 16, 2019Modified: Nov 21, 2024

JSON object

Loading...
8.1
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
Exploitability: 2.8 / Impact: 5.2
Source: NVD

Description

In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or cause a denial of service condition on the client system when a user connects to the server. This is related to an _libssh2_check_length mistake, and is different from the various issues fixed in 1.8.1, such as CVE-2019-3855.

Affected (9)

Products: Libssh2: Libssh2 · Debian: Debian Linux · Fedoraproject: Fedora · +2 more
Show all products
Libssh2: Libssh2 · Debian: Debian Linux · Fedoraproject: Fedora · Netapp: Cloud Backup, E Series Santricity Os Controller, Ontap Select Deploy Administration Utility · F5: Traffix Systems Signaling Delivery Controller
Libssh2
1 product
Libssh2
Debian
1 product
Debian Linux
Fedoraproject
1 product
Fedora
Netapp
3 products
Cloud Backup
E Series Santricity Os Controller
Ontap Select Deploy Administration Utility
F5
1 product
Traffix Systems Signaling Delivery Controller
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Libssh2
Before 1.9.0
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 8.0
Debian Linux
Version 9.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Fedoraproject
Fedora
Version 29
Fedora
Version 30
Configuration D
3 vulnerable
Vulnerable SoftwareAffected Versions
Cloud Backup
All versions
E Series Santricity Os Controller
From 11.0.0 to 11.70.1
Ontap Select Deploy Administration Utility
All versions
Configuration E
1 vulnerable
Vulnerable SoftwareAffected Versions
Traffix Systems Signaling Delivery Controller
From 5.0.0 to 5.1.0

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
CWE-190
Integer Overflow or Wraparound
The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (30)

Source: cve@mitre.org
Source: cve@mitre.org
ExploitThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Issue TrackingThird Party Advisory
Source: cve@mitre.org
Release NotesVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Release NotesVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.