A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been fully initialized and the system tries to cleanup the ciphers when closing the connection. The biggest threat from this vulnerability is system availability.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2020-04-13T00:00:00
Updated: 2024-08-04T06:46:30.844Z
Reserved: 2019-11-27T00:00:00
Link: CVE-2020-1730
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-04-13T19:15:11.173
Modified: 2024-11-21T05:11:15.550
Link: CVE-2020-1730
Redhat