Libssh · Libssh · CVE-2016-0739
**Name of the Vulnerable Software and Affected Versions**
libssh versions prior to 0.7.3
**Description**
The issue is related to a "bits/bytes confusion bug" in the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods. This bug causes ephemeral secrets to be improperly truncated to 128 bits, making it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions.
**Recommendations**
For versions prior to 0.7.3, update to version 0.7.3 or later to resolve the issue. As a temporary workaround, consider restricting the use of the diffie-hellman-group1 and diffie-hellman-group14 key exchange methods until a patch is available.