Vulnerability Details : CVE-2015-3146
The (1) SSH_MSG_NEWKEYS and (2) SSH_MSG_KEXDH_REPLY packet handlers in package_cb.c in libssh before 0.6.5 do not properly validate state, which allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted SSH packet.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2015-3146
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
- cpe:2.3:a:libssh:libssh:*:*:*:*:*:*:*:*
Threat overview for CVE-2015-3146
Top countries where our scanners detected CVE-2015-3146
Top open port discovered on systems with this issue
22
IPs affected by CVE-2015-3146 1,641
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2015-3146!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2015-3146
5.77%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 93 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-3146
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
References for CVE-2015-3146
-
http://www.ubuntu.com/usn/USN-2912-1
USN-2912-1: libssh vulnerabilities | Ubuntu security notices
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-July/161802.html
[SECURITY] Fedora 22 Update: libssh-0.7.1-1.fc22
-
https://git.libssh.org/projects/libssh.git/commit/?h=libssh-0.6.5&id=94f6955fbaee6fda9385a23e505497efe21f5b4f
projects/libssh.git - libssh shared repository
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-May/158013.html
[SECURITY] Fedora 21 Update: libssh-0.6.5-1.fc21
-
https://www.libssh.org/security/advisories/CVE-2015-3146.txt
Vendor Advisory
-
http://www.debian.org/security/2016/dsa-3488
Debian -- Security Information -- DSA-3488-1 libssh
-
https://www.libssh.org/2015/04/30/libssh-0-6-5-security-and-bugfix-release/
libssh 0.6.5 (Security and bugfix release) – libsshVendor Advisory
Jump to