
CVE-2016-0739

Published: 23 February 2016

libssh before 0.7.3 improperly truncates ephemeral secrets generated for the (1) diffie-hellman-group1 and (2) diffie-hellman-group14 key exchange methods to 128 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

Notes

Author: tyhicks
Note: affects "all versions of libssh 0.1 and later"

Priority

Medium

CVSS 3 base score: 5.9

Status

Package: libssh (Launchpad, Ubuntu, Debian)

Release   Status
precise   Released (0.5.2-1ubuntu0.12.04.6)
trusty    Does not exist (trusty was released [0.6.1-0ubuntu3.3])
upstream  Released (0.7.3)
wily      Released (0.6.3-3ubuntu3.2)
xenial    Released (0.6.3-4.2ubuntu1)
yakkety   Released (0.6.3-4.2ubuntu1)