CVE-2016-1907 — Vulnetix

Try Vulnetix Request Demo

CVE-2016-1907 REJECTED

The ssh_packet_read_poll2 function in packet.c in OpenSSH before 7.1p2 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via crafted network traffic.

EPSS 0.47% · 64.6th percentile

Risk Scores

EPSS Score

0.47%

64.6th percentile

Affected Products

Vendor	Product	Versions
Ubuntu:14.04:LTS	openssh	0, 1:6.2p2-6, 1:6.2p2-6ubuntu1
Ubuntu:16.04:LTS	openssh	0, 1:6.9p1-2, 1:6.9p1-3

Timeline

Jan 14, 2016 CVE Published
Oct 2, 2020 PoC Published
Nov 6, 2020 PoC Published
Sep 6, 2021 PoC Published
Feb 4, 2022 EPSS Score
May 13, 2024 CVE Updated
Oct 9, 2024 PoC Published
Dec 12, 2024 PoC Published
Mar 17, 2025 EPSS Score
Mar 21, 2025 EPSS Score
Mar 22, 2025 EPSS Score
Mar 26, 2025 EPSS Score

References

https://ubuntu.com/security/CVE-2016-1907 third-party-advisory
http://seclists.org/oss-sec/2016/q1/112 third-party-advisory
https://ubuntu.com/security/notices/USN-2966-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2016-1907 third-party-advisory
Multiples vulnérabilités dans les produits Siemens advisory

Open in Interactive Console →