You are here
Home > Preporuke > Ranjivost Cisco proizvoda

Ranjivost Cisco proizvoda

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA1

Cisco Security Advisory: libssh Authentication Bypass Vulnerability Affecting Cisco Products: October 2018

Advisory ID: cisco-sa-20181019-libssh

Revision: 1.0

For Public Release: 2018 October 19 16:00 GMT

Last Updated: 2018 October 19 16:00 GMT

CVE ID(s): CVE-2018-10933

+———————————————————————

Summary

=======

A vulnerability in libssh could allow an unauthenticated, remote attacker to bypass authentication on a targeted system.

The vulnerability is due to improper authentication operations by the server-side state machine of the affected software. An attacker could exploit this vulnerability by presenting a SSH2_MSG_USERAUTH_SUCCESS message to a targeted system. A successful exploit could allow the attacker to bypass authentication and gain unauthorized access to a targeted system.

This advisory will be updated as additional information becomes available.

This advisory is available at the following link:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181019-libssh [“https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181019-libssh”]

—–BEGIN PGP SIGNATURE—–

iQJ5BAEBAgBjBQJbygj7XBxDaXNjbyBQcm9kdWN0IFNlY3VyaXR5IEluY2lkZW50
IFJlc3BvbnNlIFRlYW0gKENpc2NvIFBTSVJUIGtleSAyMDE4LTIwMTkpIDxwc2ly
dEBjaXNjby5jb20+AAoJEJa12PPJBfczJqkQALhudIXeTdUcjppezCwZzIK/CY3F
sEP3x8YQBEuYu6Odtj/91SmsoHuhBREJ9TgZoPQ06UNDrsPiqv4/DF5B9//jOhiZ
nw2Ls7ZiHv4MxtW80Et+UoHpubRjr201sdEuhefL7qb+OfI4qYXyJpNF2ELOoLlB
YcLUU28p6iGw7GBmpLYIxUhpdTmiC/70dqybAgu9XN8Gib4DaS4bAkGRzIbCwkVF
vq9/JfkKl2HjjOAB+AhNyKYnl98DilY2IRysFtLNSCULxfjN0o7HgBu7/LL/oL4D
WY/+UT/oUu9fHTCOs3NM4Ao3GaQG2yxyPd0/AtnCHBLVkQvAZunhyEjmebhWuthU
5tzTq6iRnYZ6YMNNxDg0/b5zUwHqG20VL2gX3/5hOVeEM1U1vf1eK20gcllYQBBQ
Bn2+Y2EnKfJnMxAkJOC1eEfY9nwx4hRWX4uxUdBPuJulXC0JvOVUozRwko86Qe3g
CW9b84t3zXGwbT9vOQ8di94a2b71I23D9DQxKWOV81ZvUPIleCFpd2l7T8wWZuKw
QBXWALfdPxmGng3DblAQZvicD+ALB3hBuaVoTLHTDke/ZZX8tL79O0fNJvfJ+XeH
d+YopY+jfJfQqpgTDyyeY/iSeg69Du6FMrmF1FCOUXDLKq+gBUCLCRTblku5WTU6
Ur3txFLESuZRwd/U
=v2q7
—–END PGP SIGNATURE—–

_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com

Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke libssh

Otkriven je sigurnosni nedostatak programske biblioteke libssh za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje sigurnosnih ograničenja. Savjetuje...

Close