Resource management error in libssh

#VU43283 Resource management error in libssh

Published: 2012-12-01 | Updated: 2020-08-11

Vulnerability identifier: #VU43283

Vulnerability risk: Medium

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2012-6063

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libssh
Universal components / Libraries / Libraries used by multiple products

Vendor: libssh

Description

The vulnerability allows a remote non-authenticated attacker to read and manipulate data.

Double free vulnerability in the sftp_mkdir function in sftp.c in libssh before 0.5.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors, a different vector than CVE-2012-4559.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libssh: 0.4.7 - 0.5.1

External links
http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=4d8420f3282ed07fc99fc5e930c17df27ef1e9b2
http://www.debian.org/security/2012/dsa-2577
http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/
http://bugzilla.redhat.com/show_bug.cgi?id=871612

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Gentoo update for libssh

Multiple vulnerabilities in libssh