USN-6585-1: libssh2 vulnerability | allinfosecnews.com

Jan. 15, 2024, 6:31 p.m. |

Ubuntu security notices ubuntu.com

Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH
protocol was vulnerable to a prefix truncation attack. If a remote attacker
was able to intercept SSH communications, extension negotiation messages
could be truncated, possibly leading to certain algorithms and features
being downgraded. This issue is known as the Terrapin attack. This update
adds protocol extensions to mitigate this issue.

algorithms attack attacker communications extension extensions fabian bäumer features intercept issue jörg schwenk marcus marcus brinkmann messages negotiation protocol ssh ssh communications ssh protocol terrapin terrapin attack truncated update usn vulnerability vulnerable

More from ubuntu.com / Ubuntu security notices

USN-6754-1: nghttp2 vulnerabilities 1 day, 18 hours ago | ubuntu.com

attacker cve denial of service http +10

USN-6753-1: CryptoJS vulnerability 1 day, 19 hours ago | ubuntu.com

attacker configuration cryptographic default +11

USN-6751-1: Zabbix vulnerabilities 1 day, 20 hours ago | ubuntu.com

attacker attacks cross-site cross-site scripting (xss) attacks +11

USN-6752-1: FreeRDP vulnerabilities 2 days, 1 hour ago | ubuntu.com

attacker crash denial of service issue +7

USN-6750-1: Thunderbird vulnerabilities 2 days, 13 hours ago | ubuntu.com

arbitrary code attacker browsing bypass +19

USN-6743-3: Linux kernel (Azure) vulnerabilities 2 days, 17 hours ago | ubuntu.com

attacker azure bpf compromise +16

USN-6657-2: Dnsmasq vulnerabilities 2 days, 20 hours ago | ubuntu.com

advisory attacker dnsmasq dnssec +10

USN-6749-1: FreeRDP vulnerabilities 2 days, 23 hours ago | ubuntu.com

arbitrary code attacker code context +12

USN-6748-1: Sanitize vulnerabilities 3 days, 11 hours ago | ubuntu.com

attack attacker cross-site cve +9

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Principal Security Analyst - Threat Labs (Position located in India) (Remote)

@ KnowBe4, Inc. | Kochi, India

View on infosec-jobs.com

Cyber Security - Cloud Security and Security Architecture - Manager - Multiple Positions - 1500860

@ EY | Dallas, TX, US, 75219

View on infosec-jobs.com

Enterprise Security Architect (Intermediate)

@ Federal Reserve System | Remote - Virginia

View on infosec-jobs.com

Engineering -- Tech Risk -- Global Cyber Defense & Intelligence -- Associate -- Dallas

@ Goldman Sachs | Dallas, Texas, United States

View on infosec-jobs.com

Vulnerability Management Team Lead - North Central region (Remote)

@ GuidePoint Security LLC | Remote in the United States

View on infosec-jobs.com