Packages

  • Status Closed
  • Percent Complete
    100%
  • Task Type Security Issue
  • Category Any
  • Assigned To
    Emulatorman
  • Operating System All
  • Severity Critical
  • Priority Very High
  • Reported Version Any
  • Due in Version Milky Way v0.3
  • Due Date Undecided
  • Votes
  • Private
Attached to Project: Packages
Opened by belette - 17/10/2018
Last edited by Emulatorman - 12/08/2019

FS#1227 - [libssh] CVE-2018-10933

Description:
libssh versions 0.6 and above have an authentication bypass vulnerability in
the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message
in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect
to initiate authentication, the attacker could successfully authentciate
without any credentials.

Additional info:
* package version(s) : extra/libssh 0.7.5-1

CVE

Closed by  Emulatorman
12.08.2019 01:10
Reason for closing:  Fixed
Date User Effort (H:M)
watch my effort tracking timers

Loading...

Available keyboard shortcuts

Tasklist

Task Details

Task Editing