nse_libssh2.cc in Nmap 7.70 is subject to a denial of...
High severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Apr 4, 2024
Description
Published by the National Vulnerability Database
Aug 29, 2019
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Apr 4, 2024
nse_libssh2.cc in Nmap 7.70 is subject to a denial of service condition due to a double free when an SSH connection fails, as demonstrated by a leading \n character to ssh-brute.nse or ssh-auth-methods.nse.
References