Unrated severityNVD Advisory· Published Aug 28, 2019· Updated Aug 5, 2024
CVE-2017-18594
CVE-2017-18594
Description
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- Nmap/Nmapdescription
- osv-coords9 versionspkg:rpm/opensuse/nmap&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/nmap&distro=openSUSE%20Leap%2015.1pkg:rpm/opensuse/nmap&distro=openSUSE%20Tumbleweedpkg:rpm/suse/nmap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/nmap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/nmap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP2pkg:rpm/suse/nmap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015pkg:rpm/suse/nmap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1pkg:rpm/suse/nmap&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2
< 7.70-lp150.2.9.1+ 8 more
- (no CPE)range: < 7.70-lp150.2.9.1
- (no CPE)range: < 7.70-lp151.3.9.1
- (no CPE)range: < 7.92-4.1
- (no CPE)range: < 7.70-3.12.1
- (no CPE)range: < 7.70-3.12.1
- (no CPE)range: < 7.70-3.12.1
- (no CPE)range: < 7.70-3.12.1
- (no CPE)range: < 7.70-3.12.1
- (no CPE)range: < 7.70-3.12.1
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2019-09/msg00073.htmlmitrevendor-advisoryx_refsource_SUSE
- lists.opensuse.org/opensuse-security-announce/2019-09/msg00075.htmlmitrevendor-advisoryx_refsource_SUSE
- github.com/AMatchandaHaystack/Research/blob/master/Nmap%26libsshDFmitrex_refsource_MISC
- github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9admitrex_refsource_MISC
- github.com/nmap/nmap/issues/1077mitrex_refsource_MISC
- github.com/nmap/nmap/issues/1227mitrex_refsource_MISC
- seclists.org/nmap-announce/2019/0mitrex_refsource_MISC
- seclists.org/nmap-dev/2018/q2/45mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.