A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers. An attacker can craft an authentication request message for the gssapi-with-mic method which will cause NewServerConn to panic via a nil pointer dereference if ServerConfig.GSSAPIWithMICConfig is nil.
NULL Pointer Dereference
NULL Pointer Dereference
NULL Pointer Dereference
3.9
3.9
-
3.9
-
-
-
3.9
-
-
CVE-2020-29652
-
CVE-2020-29652
-