- Status Closed
- Percent Complete
- Task Type Security Issue
- Category Any
-
Assigned To
Emulatorman - Operating System All
- Severity Critical
- Priority Very High
- Reported Version Any
- Due in Version Milky Way v0.3
-
Due Date
Undecided
- Votes
- Private
Attached to Project: Packages
Opened by belette - 17/10/2018
Last edited by Emulatorman - 12/08/2019
Opened by belette - 17/10/2018
Last edited by Emulatorman - 12/08/2019
FS#1227 - [libssh] CVE-2018-10933
Description:
libssh versions 0.6 and above have an authentication bypass vulnerability in
the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message
in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect
to initiate authentication, the attacker could successfully authentciate
without any credentials.
Additional info:
* package version(s) : extra/libssh 0.7.5-1
Loading...
Available keyboard shortcuts
- Alt + ⇧ Shift + l Login Dialog / Logout
- Alt + ⇧ Shift + a Add new task
- Alt + ⇧ Shift + m My searches
- Alt + ⇧ Shift + t focus taskid search
Tasklist
- o open selected task
- j move cursor down
- k move cursor up
Task Details
- n Next task
- p Previous task
- Alt + ⇧ Shift + e ↵ Enter Edit this task
- Alt + ⇧ Shift + w watch task
- Alt + ⇧ Shift + y Close Task
Task Editing
- Alt + ⇧ Shift + s save task