The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a "Client: Diffie-Hellman Key Exchange Init" packet.
AV:N/AC:M/Au:N/C:N/I:N/A:P
05/02/2013
by Libssh
3 months ago