Candidate: CVE-2012-6063
PublicDate: 2012-11-30 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6063
 https://bugzilla.redhat.com/show_bug.cgi?id=871612
 http://www.libssh.org/2012/11/20/libssh-0-5-3-security-release/
 http://git.libssh.org/projects/libssh.git/commit/?h=v0-5&id=4d8420f3282ed07fc99fc5e930c17df27ef1e9b2
Description:
 Double free vulnerability in the sftp_mkdir function in sftp.c in libssh
 before 0.5.3 allows remote attackers to cause a denial of service (crash)
 and possibly execute arbitrary code via unspecified vectors, a different
 vector than CVE-2012-4559.
Ubuntu-Description:
Notes:
 mdeslaur> was included in CVE-2012-4559 patch
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_libssh:
upstream_libssh: needs-triage
hardy_libssh: ignored (reached end-of-life)
lucid_libssh: not-affected (0.4.2-1ubuntu1.1)
oneiric_libssh: not-affected (0.5.2-1ubuntu0.11.10.1)
precise_libssh: not-affected (0.5.2-1ubuntu0.12.04.1)
quantal_libssh: not-affected (0.5.2-1ubuntu0.12.10.1)
devel_libssh: not-affected (0.5.3-1)