Mandriva Update For Libssh MDVSA-2012:175 (libssh) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

Multiple double free(), buffer overflow, invalid free() and improper overflow checks vulnerabilities was found and corrected in libssh (CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562). The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues.

Affected

libssh on Mandriva Linux 2011.0

Severity

Classification

CVE CVE-2012-4559, CVE-2012-4560, CVE-2012-4561, CVE-2012-4562

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Mandrake Security Advisory MDVSA-2009:041 (jhead)
Mandrake Security Advisory MDVSA-2009:093 (mpg123)
Mandrake Security Advisory MDVSA-2009:147 (pidgin)
Mandrake Security Advisory MDVSA-2009:131-1 (apr-util)
Mandrake Security Advisory MDVSA-2009:005 (xterm)

Mandriva Update for libssh MDVSA-2012:175 (libssh)

Take action and discover your vulnerabilities