Posted on October 17, at 2:2 PM

New reports claim that a security flaw was found in libssh, a popular library used for supporting the SSH authentication protocol. According to experts, such a flaw has the potential to endanger thousands of enterprise servers, and leave them vulnerable to hijacking.

Due to this flaw, attackers can easily bypass the authentication procedures implemented as a level of server protection. In doing so, attackers could get access to servers with an enabled SSH connection. In such a scenario, a potential hacker could completely eliminate any need for a password.

In an attack, hackers can send a false message to the server: instead of “SSH2_MSG_USERAUTH_REQUEST”, they send “SSH2_MSG_USERAUTH_SUCCESS”. As a result, the server grants them access instead of questioning their identity.

In short, servers can be tricked into thinking that the authentication process has already taken place.
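The flaw described above, reduced to a simplified model as an added example (not libssh's actual code, and not from the original article). The message numbers are those assigned in RFC 4252; `struct session`, `dispatch_flawed`, `dispatch_hardened` and `run_model` are hypothetical names, and the block contrasts a server that honours a peer-supplied SSH2_MSG_USERAUTH_SUCCESS with one that rejects message types a client is never allowed to send.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Message numbers as assigned in RFC 4252. */
enum { SSH2_MSG_USERAUTH_REQUEST = 50, SSH2_MSG_USERAUTH_FAILURE = 51,
       SSH2_MSG_USERAUTH_SUCCESS = 52 };

/* Hypothetical, simplified server-side session state (not libssh's). */
struct session {
    bool creds_ok;       /* result of the server's own credential check */
    bool authenticated;  /* what later channel requests are gated on */
};

/* Flawed model: the server also honours a message that only a server may
 * send, so the peer can declare its own authentication successful. */
static void dispatch_flawed(struct session *s, uint8_t type)
{
    if (type == SSH2_MSG_USERAUTH_REQUEST)
        s->authenticated = s->creds_ok;
    else if (type == SSH2_MSG_USERAUTH_SUCCESS)
        s->authenticated = true;
}

/* Hardened model: only client-to-server message types are accepted; anything
 * else returns false so the caller can drop the connection. */
static bool dispatch_hardened(struct session *s, uint8_t type)
{
    if (type != SSH2_MSG_USERAUTH_REQUEST)
        return false;
    s->authenticated = s->creds_ok;
    return true;
}

/* Runs a constructed message sequence through one model and returns whether
 * the session ends up authenticated. */
bool run_model(bool hardened, bool creds_ok, const uint8_t *msgs, size_t n)
{
    struct session s = { creds_ok, false };
    for (size_t i = 0; i < n; i++) {
        if (!hardened)
            dispatch_flawed(&s, msgs[i]);
        else if (!dispatch_hardened(&s, msgs[i]))
            return false;  /* session dropped, never authenticated */
    }
    return s.authenticated;
}
```

The design point is that authentication state on a server must only ever be derived from the server's own credential check, never from a message type the peer chooses.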

The situation may not be as bad as it sounds

The vulnerability was named CVE-2018-10933, and its origins were traced to the libssh 0.6.0 update released in January 2014. Soon after its discovery, the libssh team released two new versions that patch the flaw: 0.8.4 and 0.7.6, both released yesterday.

The bug itself was originally discovered by NCC Group’s Peter Winter-Smith. Additionally, Cybereason’s head of security research, Amit Serper, estimated that the flaw affected around 3,000 servers.

In terms of coding, the vulnerability is seen as extremely bad. However, when it comes to real-world computing, the situation may not be so dire after all, because most IoT devices, servers, and personal computers tend to use OpenSSH instead of libssh.

Among the largest sites that support libssh is GitHub, but its security team has already confirmed that GitHub is not affected by the bug. This is good news: had GitHub been vulnerable, anyone could have accessed the source code, as well as the intellectual property, of some of the largest firms in the world.

So far, the vulnerable code has only been confirmed in libssh’s server-side code. This means that computers running a libssh-based SSH client are not in danger of having their systems accessed, unless the client is also designed to run as an SSH server. No exploits have been reported yet. However, it is likely that additional reports will start appearing in the next several days.

Summary

Article Name: Thousands Of Servers Vulnerable To Hacking Due To libssh Flaw

Description: New reports claim that a security flaw was found in libssh, a popular library used for supporting the SSH authentication protocol. According to experts, such a flaw has the potential to endanger thousands of enterprise servers, and leave them vulnerable to hijacking.

Author: Ali Raza

Publisher Name: Koddos