Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2012-4561

The (1) publickey_make_dss, (2) publickey_make_rsa, (3) signature_from_string, (4) ssh_do_sign, and (5) ssh_sign_session_id functions in keys.c in libssh before 0.5.3 free "an invalid pointer on an error path," which might allow remote attackers to cause a denial of service (crash) via unspecified vectors.

  • Published: Nov 30, 2012
  • Updated: Apr 13, 2023
  • CVE: CVE-2012-4561
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 5
  • AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Software From Fixed in
libssh / libssh 0.5.1 0.5.1.x
libssh / libssh 0.5.0-rc1 0.5.0-rc1.x
libssh / libssh 0.4.7 0.4.7.x
libssh / libssh 0.5.0 0.5.0.x
libssh / libssh 0.4.8 0.4.8.x
libssh / libssh - 0.5.2.x