CVE-2016-1907

The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

Published : 2016-01-19 05:59 Updated : 2017-02-17 02:59

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Openbsd Openssh 7.1 cpe:/a:openbsd:openssh:7.1:p1
Openbsd Openssh 6.9 cpe:/a:openbsd:openssh:6.9:p1
Openbsd Openssh 6.9 cpe:/a:openbsd:openssh:6.9
Openbsd Openssh 6.8 cpe:/a:openbsd:openssh:6.8:p1
Openbsd Openssh 6.8 cpe:/a:openbsd:openssh:6.8
Openbsd Openssh 7.0 cpe:/a:openbsd:openssh:7.0:p1
Openbsd Openssh 7.0 cpe:/a:openbsd:openssh:7.0
Openbsd Openssh 7.1 cpe:/a:openbsd:openssh:7.1
  1. Openbsd (1) Search CVE
    1. Openssh (4) Search CVE
      1. 7.1
      2. 6.9
      3. 6.8
      4. 7.0

CWE

ID Name Description Links
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer The software performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer. CVE

History of changes

Date Event
2016-01-19 05:59

New CVE