Vendors confirm products affected by libssh bug as PoC code pops up on GitHub

[Image: libsshscan output. Credit: Leap Security]

Products from major vendors such as F5 and Red Hat are affected by a major vulnerability that came to light this week and resides in the libssh library.

The vulnerability, which is tracked in infosec circles as CVE-2018-10933, is an authentication bypass in the libssh code that handles server-side login procedures.

Servers or software applications that use the libssh code to allow users to log into them via the SSH protocol are affected.

The vulnerability is trivial to exploit: an attacker only needs to send an affected server an “SSH2_MSG_USERAUTH_SUCCESS” request to trick the server into thinking the user has already authenticated.
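The following added example is a simplified model of this class of bug, not libssh's code and not part of the original article. It shows a server-side message dispatcher that trusts a peer-supplied success message, next to a role-aware filter that rejects it. The type and function names (`session`, `dispatch_flawed`, `dispatch_hardened`, `allowed`) are hypothetical, and `creds_valid` stands in for real credential verification; the message numbers are those of RFC 4252.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Message numbers from RFC 4252 (SSH authentication protocol). */
enum { MSG_USERAUTH_REQUEST = 50, MSG_USERAUTH_FAILURE = 51, MSG_USERAUTH_SUCCESS = 52 };
enum role { ROLE_CLIENT, ROLE_SERVER };
struct session { enum role role; bool authenticated; };   /* hypothetical state */

/* Flawed: one handler set serves both roles, so a server will run the
 * client-side SUCCESS handler on a message that its peer supplied. */
bool dispatch_flawed(struct session *s, uint8_t msg, bool creds_valid)
{
    switch (msg) {
    case MSG_USERAUTH_REQUEST: s->authenticated = creds_valid; return true;
    case MSG_USERAUTH_SUCCESS: s->authenticated = true;        return true;
    case MSG_USERAUTH_FAILURE: s->authenticated = false;       return true;
    default:                   return false;
    }
}

/* Which messages may the peer legitimately send, given our role and state? */
static bool allowed(const struct session *s, uint8_t msg)
{
    if (s->role == ROLE_SERVER)   /* a server only ever receives requests */
        return msg == MSG_USERAUTH_REQUEST && !s->authenticated;
    return msg == MSG_USERAUTH_SUCCESS || msg == MSG_USERAUTH_FAILURE;
}

/* Hardened: filter by role and state before any handler runs. */
bool dispatch_hardened(struct session *s, uint8_t msg, bool creds_valid)
{
    if (!allowed(s, msg))
        return false;             /* caller should drop the connection */
    return dispatch_flawed(s, msg, creds_valid);
}

int main(void)
{
    struct session a = { ROLE_SERVER, false }, b = { ROLE_SERVER, false };
    dispatch_flawed(&a, MSG_USERAUTH_SUCCESS, false);
    bool accepted = dispatch_hardened(&b, MSG_USERAUTH_SUCCESS, false);
    printf("flawed:   authenticated=%d\n", a.authenticated);
    printf("hardened: accepted=%d authenticated=%d\n", accepted, b.authenticated);
    return 0;
}
```
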

The libssh team disclosed the vulnerability on Tuesday, October 16, and initially, it wasn’t clear how many products were affected, mainly because OpenSSH is a more popular library that’s more regularly used for SSH authentication systems.

But throughout the week, some companies have stepped forward and published security advisories for products that use vulnerable versions of the libssh library. The first to go public was OS maker Red Hat.

“This vulnerability affects libssh shipped in Red Hat Enterprise Linux 7 Extras,” the company said in an advisory.

Red Hat plans to update the libssh library version to a new one that’s not affected. Apps running on Red Hat systems that rely on the OS’s libssh library to support incoming SSH connections will receive the fix once the update goes live; alternatively, the library can be updated manually.

Other products that have been confirmed to be affected by this bug are F5 Networks BIG-IP load balancers. These are servers that take incoming traffic and spread it across a larger set of servers based on bandwidth load. They are often found in data centers, ISPs, or enterprise networks.

Until patches are available, F5 Networks has advised administrators to log into their BIG-IP systems by manually typing their password during a keyboard-interactive login session, rather than using the more common “public key authentication” system, where the libssh flaw resides.

Cisco has not gone on the record to confirm that its products are affected, but the company has started an investigation into a long list of products that apparently also use libssh. ZDNet readers can consult the full list of products and follow updates on Cisco’s investigation via this security advisory.

At the time of writing, no vendor or cyber-security firm has come forward to confirm exploitation attempts that leverage this vulnerability. Nevertheless, it will not take long until actual hacks take place.

Over the course of the week, at least four proof-of-concept (PoC) scripts have been uploaded on GitHub [1, 2, 3, 4], along with a scanner that can allegedly find servers that rely on libssh for SSH authentication.

According to Leap Security, there are around 3,000 servers connected to the Internet that use the library, and roughly 1,800-1,900 of them use a vulnerable version of the libssh library.

“If you have servers present within your organization using libssh ensure they are all patched as soon as possible. This vulnerability is trending and easily exploited,” said Leap Security in a blog post this week.
