Debian Lsh-Utils vulnerabilities
3 known vulnerabilities affecting debian/lsh-utils.
Total CVEs
3
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1LOW1
Vulnerabilities
Page 1 of 1
CVE-2003-0826P3HIGHCVSS 7.5PoCfixed in lsh-utils 1.4.2-6 (bookworm)2003
CVE-2003-0826 [HIGH] CVE-2003-0826: lsh-utils - lsh daemon (lshd) does not properly return from certain functions in (1) read_li...
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack.
Scope: local
bookworm: resolved (fixed in 1.4.2-6)
bullseye: resolved (fixed in 1.4.2-6)
sid: resol
debian
CVE-2005-0814P4MEDIUMCVSS 5.0fixed in lsh-utils 2.0.1-1 (bookworm)2005
CVE-2005-0814 [MEDIUM] CVE-2005-0814: lsh-utils - Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows rem...
Unknown vulnerability in lshd in Lysator LSH 1.x and 2.x before 2.0.1 allows remote attackers to cause a denial of service via unknown vectors.
Scope: local
bookworm: resolved (fixed in 2.0.1-1)
bullseye: resolved (fixed in 2.0.1-1)
sid: resolved (fixed in 2.0.1-1)
debian
CVE-2006-0353P4LOWCVSS 3.6fixed in lsh-utils 2.0.1cdbs-4 (bookworm)2006
CVE-2006-0353 [LOW] CVE-2006-0353: lsh-utils - unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the random...
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys.
Scope: local
bookworm: resolved (fixed in 2.0.1cdbs-4)
bullseye: resolved (fix
debian