Bugzilla – Bug 1218209
VUL-0: CVE-2023-6004: libssh: ProxyCommand/ProxyJump features allow injection of malicious code through hostname
Last modified: 2024-02-20 20:36:46 UTC
Using the ProxyCommand or the ProxyJump feature enables users to exploit unchecked hostname syntax on the client, which enables to inject malicious code into the command of the above-mentioned features through the hostname parameter. User interaction is required to exploit this issue. References: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-6004 https://www.libssh.org/security/advisories/CVE-2023-6004.txt Patch: https://git.libssh.org/projects/libssh.git/log/?qt=grep&q=CVE-2023-6004 https://git.libssh.org/projects/libssh.git/commit/?id=2c92e8ce930a428a6fd150ae1ae55c5a365543f5 https://git.libssh.org/projects/libssh.git/commit/?id=95c6f880ef1539635bb82a134f7b8a06a46887ca https://git.libssh.org/projects/libssh.git/commit/?id=0ff85b034a04d45e79a79cd5666b348b5e27800d
This is an autogenerated message for OBS integration: This bug (1218209) was mentioned in https://build.opensuse.org/request/show/1134431 Factory / libssh
This is an autogenerated message for OBS integration: This bug (1218209) was mentioned in https://build.opensuse.org/request/show/1134726 Factory / libssh
SUSE-SU-2024:0140-1: An update that solves five vulnerabilities can now be installed. Category: security (important) Bug References: 1211188, 1211190, 1218126, 1218186, 1218209 CVE References: CVE-2023-1667, CVE-2023-2283, CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Sources used: openSUSE Leap 15.4 (src): libssh-0.9.8-150400.3.3.1, libssh-test-0.9.8-150400.3.3.1 openSUSE Leap Micro 5.3 (src): libssh-0.9.8-150400.3.3.1 openSUSE Leap Micro 5.4 (src): libssh-0.9.8-150400.3.3.1 openSUSE Leap 15.5 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Micro for Rancher 5.3 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Micro 5.3 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Micro for Rancher 5.4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Micro 5.4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Micro 5.5 (src): libssh-0.9.8-150400.3.3.1 Basesystem Module 15-SP5 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Real Time 15 SP4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src): libssh-0.9.8-150400.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src): libssh-0.9.8-150400.3.3.1 SUSE Manager Proxy 4.3 (src): libssh-0.9.8-150400.3.3.1 SUSE Manager Retail Branch Server 4.3 (src): libssh-0.9.8-150400.3.3.1 SUSE Manager Server 4.3 (src): libssh-0.9.8-150400.3.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0525-1: An update that solves nine vulnerabilities and contains one feature can now be installed. Category: security (important) Bug References: 1158095, 1168699, 1174713, 1189608, 1211188, 1211190, 1218126, 1218186, 1218209 CVE References: CVE-2019-14889, CVE-2020-16135, CVE-2020-1730, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Jira References: PED-7719 Sources used: SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): libssh-0.9.8-150200.13.3.1 SUSE Enterprise Storage 7.1 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Micro 5.1 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Micro 5.2 (src): libssh-0.9.8-150200.13.3.1 SUSE Linux Enterprise Micro for Rancher 5.2 (src): libssh-0.9.8-150200.13.3.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2024:0539-1: An update that solves nine vulnerabilities and contains one feature can now be installed. Category: security (important) Bug References: 1158095, 1168699, 1174713, 1189608, 1211188, 1211190, 1218126, 1218186, 1218209 CVE References: CVE-2019-14889, CVE-2020-16135, CVE-2020-1730, CVE-2021-3634, CVE-2023-1667, CVE-2023-2283, CVE-2023-48795, CVE-2023-6004, CVE-2023-6918 Jira References: PED-7719 Sources used: SUSE Linux Enterprise Software Development Kit 12 SP5 (src): libssh-0.9.8-3.12.2 SUSE Linux Enterprise High Performance Computing 12 SP5 (src): libssh-0.9.8-3.12.2 SUSE Linux Enterprise Server 12 SP5 (src): libssh-0.9.8-3.12.2 SUSE Linux Enterprise Server for SAP Applications 12 SP5 (src): libssh-0.9.8-3.12.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.