Feb. 5, 2024, 1:02 p.m. |

Ubuntu security notices ubuntu.com

USN-6592-1 fixed vulnerabilities in libssh. This update provides the
corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

It was discovered that libssh incorrectly handled the ProxyCommand and the
ProxyJump features. A remote attacker could possibly use this issue to
inject malicious code into the command of the features mentioned through
the hostname parameter. (CVE-2023-6004)

It was discovered that libssh incorrectly handled return codes when
performing message digest operations. A remote attacker could possibly use
this …

advisory attacker code command features inject issue libssh lts malicious proxycommand ubuntu update updates usn vulnerabilities

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Senior Cybersecurity Engineer

@ Hitachi | (STS) Perth - Belmont

Cyber Security Expert (W/M)

@ Worldline | Seclin - 59, Nord, France

Senior CISO

@ Alter Solutions | Madrid, Spain

IT Security Specialist

@ BDO | Eindhoven, Netherlands