SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-1874

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP2-2020-1874

Security update for nmap

Type: security

Severity: important

Issued: 2020-07-08

Description:

This update for nmap fixes the following issues:

Security issue fixed:

- CVE-2017-18594: Fixed a denial of service condition due to a double free when an SSH connection fails. (bsc#1148742)

Non-security issue fixed:

- Fixed a regression in the version scanner caused, by the fix for CVE-2018-15173. (bsc#1135350)

References

CVE: CVE-2018-15173
CVE: CVE-2017-18594
Bugzilla: 1148742 VUL-0: CVE-2017-18594: nmap: nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse
Bugzilla: 1135350 segmentation fault in nmap

Packages

nmap-7.70-3.12.1