Trivial Authentication Bypass In Libssh Leaves Servers Wide Open

1

min read

A- A+

read

On October 17, 2018 Slashdot posted news that an authentication bypass in Libssh leaves servers open for hacking. 'Ars Technica reported: "a four-year-old bug in the Secure Shell implementation known as libssh that makes it trivial for just about anyone to gain unfettered administrative control of a vulnerable server."'

It's not clear how many sites or devices may be vulnerable since neither the widely used OpenSSH nor Github's implementation of libssh was affected. For the full report: https://it.slashdot.org/story/18/10/17/2259232/trivial-authentication-bypass-in-libssh-leaves-servers-wide-open

All files and information contained in this Website are copyright by Sine Nomine Associates, and may not be duplicated, copied, modified or adapted, in any way without our written permission. Our Website may contain our service marks or trademarks as well as those of our affiliates or other companies, in the form of words, graphics, and logos. Your use of our Website, Blog or Services does not constitute any right or license for you to use our service marks or trademarks, without the prior written permission of Sine Nomine Associates. Our Content, as found within our Website, is protected under United States and foreign copyrights. The copying, redistribution, use or publication by you of any such Content is strictly prohibited. Your use of our Website and Services does not grant you any ownership rights to our Content.