CVE-2018-10933
CVE-2018-10933
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Produtos afetados
[UNKNOWN] · libsshPoCs públicas encontradas — 41
githubgithub.com/blacknbunny/CVE-2018-10933★ 498githubgithub.com/jobroche/libssh-scanner★ 235githubgithub.com/SoledaD208/CVE-2018-10933★ 126githubgithub.com/hackerhouse-opensource/cve-2018-10933★ 110githubgithub.com/jas502n/CVE-2018-10933★ 22githubgithub.com/kn6869610/CVE-2018-10933★ 14githubgithub.com/Virgula0/POC-CVE-2018-10933★ 11githubgithub.com/marco-lancini/hunt-for-cve-2018-10933★ 10githubgithub.com/nikhil1232/LibSSH-Authentication-Bypass★ 6githubgithub.com/HSw109/CVE-2018-10933★ 4githubgithub.com/xFreed0m/CVE-2018-10933★ 3githubgithub.com/shifa123/pythonprojects-CVE-2018-10933★ 2githubgithub.com/Rubikcuv5/CVE-2018-10933★ 1githubgithub.com/r3dxpl0it/CVE-2018-10933★ 1githubgithub.com/ivanacostarubio/libssh-scanner★ 1githubgithub.com/likekabin/CVE-2018-10933-libSSH-Authentication-Bypass★ 1githubgithub.com/lalishasanduwara/CVE-2018-10933★ 0githubgithub.com/SilasSpringer/CVE-2018-10933★ 0githubgithub.com/bidaoui4905/CVE-2018-10933★ 0githubgithub.com/opsifiz/CVE-2018-10933★ 0githubgithub.com/Remnant-DB/CVE-2018-10933★ 0githubgithub.com/cyberharsh/Libssh-server-CVE-2018-10933★ 0githubgithub.com/hook-s3c/CVE-2018-10933★ 0githubgithub.com/likekabin/CVE-2018-10933_ssh★ 0githubgithub.com/cve-2018/cve-2018-10933★ 0githubgithub.com/ninp0/cve-2018-10933_poc★ 0githubgithub.com/pghook/CVE-2018-10933_Scanner★ 0githubgithub.com/Bifrozt/CVE-2018-10933★ 0githubgithub.com/throwawayaccount12312312/precompiled-CVE-2018-10933★ 0githubgithub.com/reanimat0r/bpnd-libssh★ 0githubgithub.com/ensimag-security/CVE-2018-10933★ 0githubgithub.com/0xadaw/libSSH-bypass★ 0githubgithub.com/sambiyal/CVE-2018-10933-POC★ 0githubgithub.com/Kurlee/LibSSH-exploit★ 0githubgithub.com/crispy-peppers/Libssh-server-CVE-2018-10933★ 0githubgithub.com/youkergav/CVE-2018-10933★ 0githubgithub.com/kristyna-mlcakova/CVE-2018-10933★ 0githubgithub.com/JoSecMx/CVE-2018-10933_Scanner★ 0exploitdbwww.exploit-db.com/exploits/46307não verificadocve_referencewww.exploit-db.com/exploits/45638/não verificadoexploitdbwww.exploit-db.com/exploits/45638não verificado⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10933https://lists.debian.org/debian-lts-announce/2018/10/msg00010.htmlhttps://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0016https://security.netapp.com/advisory/ntap-20190118-0002/https://usn.ubuntu.com/3795-1/https://usn.ubuntu.com/3795-2/https://www.debian.org/security/2018/dsa-4322https://www.exploit-db.com/exploits/45638/https://www.libssh.org/security/advisories/CVE-2018-10933.txthttps://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.htmlhttp://www.securityfocus.com/bid/105677