CVE-2023-6004 — Injection in Libssh

CWE-74 — Injection12 documents9 sources

Severity

4.8MEDIUMNVD

EPSS

0.1%

top 84.22%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Libssh Fedoraproject Fedora Redhat Enterprise Linux

Timeline

PublishedJan 3

Latest updateFeb 28

Description

A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:LExploitability: 1.3 | Impact: 3.4

Affected Packages3 packages

▶NVDlibssh/libssh0.8.0 — 0.9.8+1

▶Debianlibssh/libssh< 0.9.8-0+deb11u1+3

▶Ubuntulibssh/libssh< 0.9.3-2ubuntu2.5+3

Also affects: Fedora 38, Enterprise Linux 8.0, 9.0

🔴Vulnerability Details

OSV

libssh vulnerabilities↗2024-02-05

▶

OSV

libssh vulnerabilities↗2024-01-22

▶

GHSA

GHSA-f35j-mfvw-p857: A flaw was found in libssh↗2024-01-03

▶

CVEList

Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname↗2024-01-03

▶

OSV

CVE-2023-6004: A flaw was found in libssh↗2024-01-03

▶

📋Vendor Advisories

Ubuntu

libssh vulnerabilities↗2024-02-05

▶

Ubuntu

libssh vulnerabilities↗2024-01-22

▶

Microsoft

Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname↗2024-01-09

▶

Red Hat

libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname↗2023-12-18

▶

Debian

CVE-2023-6004: libssh - A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, ...↗2023

▶

💬Community

HackerOne

Command Injection using malicious hostname in expanded proxycommand↗2024-02-28

▶