libssh vulnerability: Critical flaw in Linux and Mac SSH/SFTP services

A critical vulnerability has been discovered in libssh – the implementation library for Secure Shell (SSH) that could allow anyone connect to computers remotely without knowing your password. Please, install the latest patches for your systems and pay attention to this critical information.

Who is using libssh?

Libssh is used mostly to allow secure connections between server and clients. It is used for secure file transfers (secure FTP) between different computers in projects like KDE and produces secure connections in projects like Github and X2Go etc. l

How an attacker can gain access to your server?

Instead of request to authenticate in the system, an attacker can send a request that authentication is already successful and gain up to the highest permissions and execute absolutely arbitrary code. In fact, attacker presents the server a SSH2_MSG_USERAUTH_SUCCESS message
in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect
to initiate authentication.


Which devices are affected?

Servers that are using libssh versions 0.6 and above are vulnerable

How to check if you’re vulnerable?

You can easily check whether you are vulnerable using code below:

How to fix up?

To fix this vulnerability you should visit the official site

and update your libssh library.


Get the Help You Need

Cybersecurity is our core expertise. Let’s get in touch and you will learn more about how UnderDefense can benefit your organization 

Next Readers

Risk-based cyber resiliency

Risk-based cyber resiliency

Risk-based cyber resiliency Customer view: Guest blog by Michael Rezek, VP, Cybersecurity Strategy at AccedianIt’s may be possible to spend less on cybersecurity and get more protectionWhat we have witnessed over the last couple of decades as the traditional approach...

read more
Detecting reconnaissance activity in your network

Detecting reconnaissance activity in your network

Detecting reconnaissance activity in your networkBy Bogdan VennykOne of the main services we provide at UnderDefense is 24x7 Monitoring with our Security Operation Center (SOC) and a critical part of great SOC is ..., RIGHT! - its detection capabilities. That is why...

read more

Do you have any questions?

Please leave your contact below and we’ll get back to you shortly.

Pin It on Pinterest

Share This