Libssh : Security Vulnerabilities, CVEs, (Bypass)
A vulnerability was found in libssh, where the authentication check of the connecting client can be bypassed in the`pki_verify_data_signature` function in memory allocation problems. This issue may happen if there is insufficient memory or the memory usage is limited. The problem is caused by the return value `rc,` which is initialized to SSH_ERROR and later rewritten to save the return value of the function call `pki_key_check_hash_compatible.` The value of the variable is not changed between this point and the cryptographic verification. Therefore any error between them calls `goto error` returning SSH_OK.
Max CVSS
6.5
EPSS Score
0.14%
Published
2023-05-26
Updated
2024-02-01
CVE-2018-10933
Public exploit
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
Max CVSS
9.1
EPSS Score
14.23%
Published
2018-10-17
Updated
2019-10-09
2 vulnerabilities found