Libssh Exploit Fixed in Ubuntu 12.10

A few other operating systems were affected by this problem

  Ubuntu 12.10 desktop
On January 28, in a security notice Canonical published details about a libssh vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.

On January 28, in a security notice Canonical published details about a libssh vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, and Ubuntu 10.04 LTS operating systems.

According to Canonical, libssh could have been made to crash, if it received specially crafted network traffic.

It was discovered that libssh incorrectly handled certain negotiation requests. A remote attacker could use this to cause libssh to crash, resulting in a denial of service.

The security flaws can be fixed if you upgrade your system(s) to the latest libssh-4 package, specific to each operating system. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes.

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

Comments