News Centre

LibSSH Server Flaw Allows Hackers Access Without Password

Article by diogo@techpatrol.com.au
October 18, 2018

SHARE THIS POST:

SSH-terminal-Tech-Patrol

Libssh is a four-year-old vulnerability that allows anyone to completely bypass authentication and gain unfettered administrative control over a vulnerable server without requiring a password. We thought that this was dead however it has now been discovered in the Secure Shell (SSH) implementation library.

Peter Winter-Smith form NCC Group discovered a security bug Tracked as CVE-2018-10933, the security vulnerability is an authentication-bypass issue that was introduced in Libssh version 0.6 released earlier 2014, this not only hit smaller servers but this vulnerability affected thousands of enterprises leaving their servers open to hackers for the last four years.

According to a security advisory published Tuesday, all an attacker needs to do is sending an “SSH2_MSG_USERAUTH_SUCCESS” message to a server with an SSH connection enabled when it expects an “SSH2_MSG_USERAUTH_REQUEST” message.

How does it work?

There is a logical flaw in libssh where the library fails to validate if the incoming “successful login” packet was sent by the server or the client, and also fails to check if the authentication process has been completed or not.

Meaning that is a remote attacker or a ‘client’ sends this “SSH2_MSG_USERAUTH_SUCCESS” response to libssh, it considers that the authentication has been successful and will grant the attacker full access to the companies servers, without needing to enter any passwords.

 

 

Continued…

GitHub, known as “the world’s leading software development company” a company that has just been acquired by Microsoft for $7.5 Billion also uses libssh, however, the company has come out saying that the official website and GitHub Enterprise have not been affected by the vulnerability due to how GitHub uses the library.

 

Shodan search is showing that around 6,500 internet-facing servers may have been affected by this vulnerability due to the use of Libssh.

The Libssh Response

The Libssh security team has addresses the issues directly with the release of a new update, versions 0.8.4 and 0.7.6 on Tuesday, and not only these updates have been released by the team but also the details of the vulnerability were also released.

Summary

If you know what you’re doing and understand Libssh and know if you are using the library, we would highly advise that you check your servers and install the updated versions as soon as possible. Otherwise, if you don’t understand and would like to know if you’ve been affected we are currently offering a free system vulnerability check so please contact us as soon as possible.

 

Other articles you may enjoy:

Share your thoughts in the Comments section:

Subscribe For The Latest In Technology

Other Posts You May Like

TECH NEWS & UPDATES

Please enter your name.
Please enter a valid email address.
Something went wrong. Please check your entries and try again.

RECENT POSTS

Microsoft Azure

Introduction to Azure – A Core Cloud Service

Microsoft Responds to COVID-19

Microsoft Responds To COVID-19 By Offering E1 Licenses Free For The Next 6-Months

teams_video_calls_intelligent_workplace

Microsoft Teams vs Zoom. What is right for your business?

Microsoft Azure

Azure Firewall Manager now supports virtual networks.

White Paper

Enjoy this free eBook

Tech Patrol - Microsoft Office 365

White Paper (Why businesses Are Migrating to Cloud)

  • This field is for validation purposes and should be left unchanged.
libssh-server-flaw-allows-hackers-access-without-password-tech-success
Scroll to Top