Have a good Friday guys :\
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181019-libssh
Trimmed report below. Cisco has not confirmed yet which devices are vulnerable.
Summary
A vulnerability in libssh could allow an unauthenticated, remote attacker to bypass authentication on a targeted system.
The vulnerability is due to improper authentication operations by the server-side state machine of the affected software. An attacker could exploit this vulnerability by presenting a SSH2_MSG_USERAUTH_SUCCESS message to a targeted system. A successful exploit could allow the attacker to bypass authentication and gain unauthorized access to a targeted system.
No comments:
Post a Comment