PT-2023-8206 · Libssh+11

Vinci · Published 2023-12-18 · Updated 2025-07-08 · CVE-2023-6004

CVSS v3.1: 4.8 (Medium)
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions

libssh (affected versions not specified)
OpenSSH versions prior to 9.6p1
libssh versions prior to 0.10.6 and 0.9.8

Description

A flaw was found in libssh. When the ProxyCommand or ProxyJump feature is used, the client does not check the syntax of the hostname, so an attacker who controls the hostname parameter can inject malicious code into the command these features run. The vulnerability is classified as improper control of code generation in the ProxyCommand/ProxyJump component of the libssh library.

Recommendations

For libssh versions prior to 0.10.6 and 0.9.8, update to version 0.10.6 or 0.9.8 to resolve the issue. For OpenSSH versions prior to 9.6p1, update to version 9.6p1 to resolve the issue. As a temporary workaround, consider restricting the use of the ProxyCommand and ProxyJump features until a patch is available. Avoid passing untrusted values in the hostname parameter to the affected API endpoints until the issue is resolved.

Fix

Weakness Enumeration

Special Elements Injection
Code Injection
Improper Neutralization

Related Identifiers

ALSA-2024:2504
ALSA-2024:3233
ALT-PU-2024-1249
ALT-PU-2024-1251
ALT-PU-2024-1613
ALT-PU-2024-1622
AZL-34942
BDU:2024-00199
CESA-2024_3233
CVE-2023-6004
DSA-5591-1
INFSA-2024_2504
INFSA-2024_3233
MGASA-2023-0357
OESA-2024-1040
OESA-2024-1041
OESA-2024-1044
OESA-2024-1045
OESA-2024-1089
OESA-2024-1123
OPENSUSE-SU-2024:13638-1
RHSA-2024:2504
RHSA-2024:3233
RHSA-2024_2504
RHSA-2024_3233
RLSA-2024:3233
ROSA-SA-2025-2674
ROSA-SA-2025-2675
SUSE-SU-2024:0140-1
SUSE-SU-2024:0525-1
SUSE-SU-2024:0539-1
USN-6592-1
USN-6592-2

Affected Products

ALT Linux
AlmaLinux
Astra Linux
CentOS
Linux Mint
OpenSSH
Red Hat
RED OS
Rocky Linux
SUSE
Ubuntu
libssh