CVE-2017-18594

Priority
Description
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due
to a double free when an SSH connection fails, as demonstrated by a leading
\n character to ssh-brute.nse or ssh-auth-methods.nse.
Notes
Package
Source: nmap (LP Ubuntu Debian)
Upstream:released (7.80+dfsg1-1)
Ubuntu 12.04 ESM (Precise Pangolin):needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):needs-triage
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 19.04 (Disco Dingo):needs-triage
Ubuntu 19.10 (Eoan):not-affected (7.80+dfsg1-1)
Patches:
Upstream:https://github.com/nmap/nmap/commit/350bbe0597d37ad67abe5fef8fba984707b4e9ad
More Information

Updated: 2019-10-09 06:37:16 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)