CVE-2018-10933: Libssh Server Side Authentication Bypass Vulnerability Alert

On October 16, 2018 (local time), the libssh project released a security update for a server-side authentication bypass (CVE-2018-10933) affecting libssh 0.6 and later. In the SSH protocol a client begins authentication by sending SSH2_MSG_USERAUTH_REQUEST, while SSH2_MSG_USERAUTH_SUCCESS is a message only the server ever sends, to tell the client that authentication has succeeded. A vulnerable libssh server nevertheless acts on an incoming SSH2_MSG_USERAUTH_SUCCESS: an attacker who sends that message in place of SSH2_MSG_USERAUTH_REQUEST is treated as authenticated without presenting any credentials. Only the server side of libssh is affected; the libssh client, and SSH servers that do not use libssh (such as OpenSSH), are not.
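The state-machine flaw described above, as an added illustration that is not libssh code: libssh keeps one table of packet callbacks for both roles, and in the vulnerable releases the callback for SSH2_MSG_USERAUTH_SUCCESS (which only a client should ever need) also ran in a server session and marked it authenticated. The fixed releases reject message types that are not valid for the session's role and state. The model below uses the real SSH message numbers from RFC 4250/4252; the `Session` class, the handler table, the filter sets and the "alice"/"correct-horse" credentials are constructed stand-ins for the purpose of the demonstration.

```python
"""Simplified model of libssh server-side packet dispatch, before and after
the CVE-2018-10933 fix. Constructed example, not libssh code."""
from dataclasses import dataclass, field

# Message numbers from RFC 4250 / RFC 4252 (these are the real values).
SSH_MSG_SERVICE_REQUEST = 5
SSH_MSG_SERVICE_ACCEPT = 6
SSH2_MSG_USERAUTH_REQUEST = 50
SSH2_MSG_USERAUTH_FAILURE = 51
SSH2_MSG_USERAUTH_SUCCESS = 52


@dataclass
class Session:
    """Constructed stand-in for the per-connection state libssh tracks."""
    server: bool                      # True when we are the SSH server
    authenticated: bool = False
    disconnected: bool = False
    log: list = field(default_factory=list)


def handle_userauth_request(session, payload):
    """Server-side handler: verify the client's credentials (constructed check)."""
    user, method, secret = payload
    if method == "password" and (user, secret) == ("alice", "correct-horse"):
        session.authenticated = True
        session.log.append("userauth accepted")
    else:
        session.log.append("userauth rejected")


def handle_userauth_success(session, payload):
    """Client-side handler: the server announced that authentication succeeded."""
    session.authenticated = True
    session.log.append("marked authenticated by USERAUTH_SUCCESS")


# One callback table shared by client and server sessions.
HANDLERS = {
    SSH2_MSG_USERAUTH_REQUEST: handle_userauth_request,
    SSH2_MSG_USERAUTH_SUCCESS: handle_userauth_success,
}


def dispatch_vulnerable(session, msg_type, payload):
    """Pre-0.7.6 / pre-0.8.4 behaviour: any registered handler runs, whatever our role."""
    handler = HANDLERS.get(msg_type)
    if handler is None:
        session.log.append(f"unimplemented message {msg_type}")
        return
    handler(session, payload)


# Direction rules from RFC 4252/4253: messages a peer in a given role may not send.
SERVER_TO_CLIENT_ONLY = {SSH_MSG_SERVICE_ACCEPT, SSH2_MSG_USERAUTH_FAILURE,
                         SSH2_MSG_USERAUTH_SUCCESS}
CLIENT_TO_SERVER_ONLY = {SSH_MSG_SERVICE_REQUEST, SSH2_MSG_USERAUTH_REQUEST}


def incoming_filter(session, msg_type):
    """Role-based accept/reject, in the spirit of the packet filter the fix added."""
    if session.server and msg_type in SERVER_TO_CLIENT_ONLY:
        return False
    if not session.server and msg_type in CLIENT_TO_SERVER_ONLY:
        return False
    return True


def dispatch_fixed(session, msg_type, payload):
    """Fixed behaviour: filter first, then use the same handler table."""
    if not incoming_filter(session, msg_type):
        session.log.append(f"message {msg_type} not valid for this role; disconnecting")
        session.disconnected = True
        return
    dispatch_vulnerable(session, msg_type, payload)


def run_attack(dispatch):
    """Replay the bypass: the client skips USERAUTH_REQUEST and sends USERAUTH_SUCCESS."""
    session = Session(server=True)
    dispatch(session, SSH2_MSG_USERAUTH_SUCCESS, None)
    return session


def run_legit(dispatch, password):
    """A normal password attempt for user 'alice' against a server session."""
    session = Session(server=True)
    dispatch(session, SSH2_MSG_USERAUTH_REQUEST, ("alice", "password", password))
    return session


if __name__ == "__main__":
    for name, dispatch in (("vulnerable", dispatch_vulnerable), ("fixed", dispatch_fixed)):
        s = run_attack(dispatch)
        print(f"{name:10s} attacker authenticated={s.authenticated} "
              f"disconnected={s.disconnected} log={s.log}")
```

Running the block shows the vulnerable dispatcher granting the attacker an authenticated session on the strength of a single client-sent USERAUTH_SUCCESS, while the fixed dispatcher drops the connection and still accepts a correct password through the normal USERAUTH_REQUEST path. The real fix is in C inside libssh's packet layer; the filter here only models the role check, not the additional session-state checks the project's filter performs.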

CVSS V3.0 Base Score 9.8

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected version

  • Libssh 0.6.0 up to and including 0.7.5
  • Libssh 0.8.0 up to and including 0.8.3

Unaffected version

  • Libssh 0.7.6 and 0.8.4 (the fixed releases) and later
  • Libssh releases before 0.6
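A triage helper built from the version ranges above, added here as an example and not part of the advisory or the libssh project: it parses SSH identification strings (RFC 4253 section 4.2) and flags hosts whose announced libssh version falls in an affected range. The assumption that libssh-based servers announce themselves as `SSH-2.0-libssh_X.Y.Z` or `SSH-2.0-libssh-X.Y.Z` (the separator differs between releases) is mine, as are the host addresses and banners in `CONSTRUCTED_SCAN`.

```python
"""Classify SSH banners against the CVE-2018-10933 affected ranges.
Added example; the banner format is an assumption, not taken from the advisory."""
import re

# Assumed libssh identification string; separator after "libssh" varies by release.
LIBSSH_BANNER = re.compile(r"^SSH-2\.0-libssh[_-](\d+)\.(\d+)(?:\.(\d+))?")

# Inclusive (low, high) ranges from the advisory: 0.6.0-0.7.5 and 0.8.0-0.8.3.
AFFECTED_RANGES = [((0, 6, 0), (0, 7, 5)), ((0, 8, 0), (0, 8, 3))]


def parse_libssh_version(banner):
    """Return (major, minor, patch) for a libssh banner, or None for anything else."""
    m = LIBSSH_BANNER.match(banner.strip())
    if not m:
        return None
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def classify(banner):
    """'vulnerable', 'outside-affected-range' or 'not-libssh' for one banner."""
    version = parse_libssh_version(banner)
    if version is None:
        return "not-libssh"  # OpenSSH, Dropbear, ...: not affected by this CVE
    for low, high in AFFECTED_RANGES:
        if low <= version <= high:
            return "vulnerable"
    return "outside-affected-range"


# Constructed scan results; addresses and banners are made up for the example.
CONSTRUCTED_SCAN = [
    ("10.0.0.5", "SSH-2.0-libssh_0.8.3"),
    ("10.0.0.6", "SSH-2.0-libssh_0.8.4"),
    ("10.0.0.7", "SSH-2.0-libssh-0.6.3"),
    ("10.0.0.8", "SSH-2.0-libssh_0.7.6"),
    ("10.0.0.9", "SSH-2.0-OpenSSH_7.4"),
    ("10.0.0.10", "SSH-2.0-libssh_0.5.5"),
]


def triage(scan):
    """Map each host to its classification."""
    return {host: classify(banner) for host, banner in scan}


if __name__ == "__main__":
    for host, verdict in triage(CONSTRUCTED_SCAN).items():
        print(f"{host:12s} {verdict}")
```

Treat the output as a starting point only: products that embed libssh often set their own identification string, and distributions backport the fix without changing the announced version, so a banner outside the affected range is not proof of safety and a banner inside it should be confirmed against the installed package or the vendor's advisory.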

Solution

Affected users should upgrade to libssh 0.8.4 or 0.7.6 as soon as possible; both releases can be downloaded here. Because libssh is frequently bundled inside other products (network appliances, embedded devices and applications that ship their own copy of the library), check the version actually linked into each deployment rather than only the system package, and until the upgrade is in place restrict network access to any libssh-based SSH server.