nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
References
Link | Resource |
---|---|
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.html | |
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.html | |
https://github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDF | Third Party Advisory |
https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad | Patch Third Party Advisory |
https://github.com/nmap/nmap/issues/1077 | Patch Third Party Advisory |
https://github.com/nmap/nmap/issues/1227 | Exploit Third Party Advisory |
https://seclists.org/nmap-announce/2019/0 | Mailing List Third Party Advisory |
https://seclists.org/nmap-dev/2018/q2/45 | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-08-28T23:50:22
Updated: 2019-09-26T11:06:10
Reserved: 2019-08-28T00:00:00
Link: CVE-2017-18594
JSON object: View
NVD Information
Status : Modified
Published: 2019-08-29T00:15:10.467
Modified: 2019-09-26T12:15:10.347
Link: CVE-2017-18594
JSON object: View
Redhat Information
No data.
CWE