GSD-2019-3863
Vulnerability from gsd - Updated: 2023-12-13 01:24Details
A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2019-3863",
"description": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
"id": "GSD-2019-3863",
"references": [
"https://www.suse.com/security/cve/CVE-2019-3863.html",
"https://www.debian.org/security/2019/dsa-4431",
"https://access.redhat.com/errata/RHSA-2019:2399",
"https://access.redhat.com/errata/RHSA-2019:1943",
"https://access.redhat.com/errata/RHSA-2019:1791",
"https://access.redhat.com/errata/RHSA-2019:1652",
"https://access.redhat.com/errata/RHSA-2019:1175",
"https://access.redhat.com/errata/RHSA-2019:0679",
"https://advisories.mageia.org/CVE-2019-3863.html",
"https://security.archlinux.org/CVE-2019-3863",
"https://alas.aws.amazon.com/cve/html/CVE-2019-3863.html",
"https://linux.oracle.com/cve/CVE-2019-3863.html",
"https://ubuntu.com/security/CVE-2019-3863"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2019-3863"
],
"details": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error.",
"id": "GSD-2019-3863",
"modified": "2023-12-13T01:24:03.200241Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3863",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "libssh2",
"version": {
"version_data": [
{
"version_value": "1.8.1"
}
]
}
}
]
},
"vendor_name": "The libssh2 Project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-190"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863"
},
{
"name": "https://www.libssh2.org/CVE-2019-3863.html",
"refsource": "MISC",
"url": "https://www.libssh2.org/CVE-2019-3863.html"
},
{
"name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"name": "RHSA-2019:0679",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"name": "openSUSE-SU-2019:1075",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"name": "openSUSE-SU-2019:1109",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
},
{
"name": "FEDORA-2019-3348cb4934",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/"
},
{
"name": "DSA-4431",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"name": "20190415 [SECURITY] [DSA 4431-1] libssh2 security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/Apr/25"
},
{
"name": "RHSA-2019:1175",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1175"
},
{
"name": "RHSA-2019:1652",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1652"
},
{
"name": "RHSA-2019:1791",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1791"
},
{
"name": "RHSA-2019:1943",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1943"
},
{
"name": "RHSA-2019:2399",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2399"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "(,1.8.1)",
"affected_versions": "All versions before 1.8.1",
"cvss_v2": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-787",
"CWE-937"
],
"date": "2019-05-14",
"description": "A flaw was found in libssh2 A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out-of-bounds memory write error.",
"fixed_versions": [
"1.8.2"
],
"identifier": "CVE-2019-3863",
"identifiers": [
"CVE-2019-3863"
],
"not_impacted": "All versions starting from 1.8.1",
"package_slug": "nuget/libssh2-vc141_xp",
"pubdate": "2019-03-25",
"solution": "Upgrade to version 1.8.2 or above.",
"title": "Out-of-bounds Write",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2019-3863"
],
"uuid": "a690dc30-a3ca-4629-b6f3-28b9f20d42cc"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "1.8.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2019-3863"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "A flaw was found in libssh2 before 1.8.1. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used as an index to copy memory causing in an out of bounds memory write error."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.libssh2.org/CVE-2019-3863.html",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://www.libssh2.org/CVE-2019-3863.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3863"
},
{
"name": "[debian-lts-announce] 20190326 [SECURITY] [DLA 1730-1] libssh2 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00032.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190327-0005/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190327-0005/"
},
{
"name": "RHSA-2019:0679",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0679"
},
{
"name": "openSUSE-SU-2019:1075",
"refsource": "SUSE",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00040.html"
},
{
"name": "openSUSE-SU-2019:1109",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00003.html"
},
{
"name": "FEDORA-2019-3348cb4934",
"refsource": "FEDORA",
"tags": [],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5DK6VO2CEUTAJFYIKWNZKEKYMYR3NO2O/"
},
{
"name": "DSA-4431",
"refsource": "DEBIAN",
"tags": [],
"url": "https://www.debian.org/security/2019/dsa-4431"
},
{
"name": "20190415 [SECURITY] [DSA 4431-1] libssh2 security update",
"refsource": "BUGTRAQ",
"tags": [],
"url": "https://seclists.org/bugtraq/2019/Apr/25"
},
{
"name": "RHSA-2019:1175",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1175"
},
{
"name": "RHSA-2019:1652",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1652"
},
{
"name": "RHSA-2019:1791",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1791"
},
{
"name": "RHSA-2019:1943",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:1943"
},
{
"name": "RHSA-2019:2399",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:2399"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"tags": [],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2019-05-14T21:29Z",
"publishedDate": "2019-03-25T18:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…