Skip to main content

Libssh2 CVE-2019-3863

HIGH
Integer Overflow or Wraparound (CWE-190)
2019-03-25 secalert@redhat.com
8.8
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Mar 25, 2019 - 18:29 nvd
HIGH 8.8

DescriptionNVD

A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing in an out of bounds memory write error.

AnalysisAI

A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Technical ContextAI

This vulnerability is classified as Integer Overflow (CWE-190), which allows attackers to cause unexpected behavior through arithmetic overflow. A flaw was found in libssh2 before 1.8.1 creating a vulnerability on the SSH client side. A server could send a multiple keyboard interactive response messages whose total length are greater than unsigned char max characters. This value is used by the SSH client as an index to copy memory causing in an out of bounds memory write error. Affected products include: Libssh2, Debian Debian Linux, Netapp Ontap Select Deploy Administration Utility, Opensuse Leap, Redhat Enterprise Linux Desktop. Version information: before 1.8.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Validate arithmetic operations, use safe integer libraries, check bounds before allocation.

CVE-2023-48795 MEDIUM POC
5.9 Dec 18

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remot

CVE-2026-55200 CRITICAL POC
9.2 Jun 17

Remote code execution in libssh2 through version 1.11.1 stems from an unchecked packet_length field in ssh2_transport_re

CVE-2026-58050 HIGH POC
8.3 Jun 28

Heap buffer overflow in the libssh2 SSH client library (all versions through 1.11.1) lets a malicious or compromised SSH

CVE-2026-58051 HIGH POC
8.3 Jun 28

Free of an uninitialized, attacker-influenceable pointer in libssh2 through 1.11.1 allows a malicious SSH server to corr

CVE-2019-17498 HIGH POC
8.1 Oct 21

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds che

CVE-2019-13115 HIGH POC
8.1 Jul 16

In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha256_key_exchange in kex.c has an integer overflow t

CVE-2019-3861 CRITICAL
9.1 Mar 25

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH packets with a padding length value gre

CVE-2019-3860 CRITICAL
9.1 Mar 25

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SFTP packets with empty payloads are parsed

CVE-2019-3858 CRITICAL
9.1 Mar 21

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from

CVE-2019-3862 CRITICAL
9.1 Mar 21

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exi

CVE-2019-3859 CRITICAL
9.1 Mar 21

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_req

CVE-2019-3857 HIGH
8.8 Mar 25

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way SS

Share

CVE-2019-3863 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy