CVE-2012-4562

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-4562 at MITRE

Description

Multiple integer overflows in libssh before 0.5.3 allow remote attackers to cause a denial of service (infinite loop or crash) and possibly execute arbitrary code via unspecified vectors, which triggers a buffer overflow, infinite loop, or possibly some other unspecified vulnerabilities.

NVD CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 789827

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP2
  • libssh2 >= 0.2-5.18.1
Patchnames:
sledsp2-libssh2
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libssh2 >= 0.2-5.18.1
Patchnames:
sdksp2-libssh2
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Software Development Kit 11 SP2
  • libssh2 >= 0.2-5.18.1
sle11-sp2-sdk.ppc
sled11-sp2.x86
sle11-sp2-sdk.s390x
sled11-sp2.x86-64
sle11-sp2-sdk.x86-64
sle11-sp2-sdk.ia64
sle11-sp2-sdk.x86
SAT Patch Nr: 7073
openSUSE Evergreen 11.4
  • libssh >= 0.4.8-10.1
  • libssh-debugsource >= 0.4.8-10.1
  • libssh-devel >= 0.4.8-10.1
  • libssh-devel-doc >= 0.4.8-10.1
  • libssh4 >= 0.4.8-10.1
  • libssh4-debuginfo >= 0.4.8-10.1
Patchnames:
2012-14