Metasploit modules that can be used to exploit Netapp » Storage Automation Store
-
libssh Authentication Bypass Scanner
Disclosure Date: 2018-10-16First seen: 2020-04-26auxiliary/scanner/ssh/libssh_auth_bypassThis module exploits an authentication bypass in libssh server code where a USERAUTH_SUCCESS message is sent in place of the expected USERAUTH_REQUEST message. libssh versions 0.6.0 through 0.7.5 and 0.8.0 through 0.8.3 are vulnerable. Note that this module's success depends on whether the server code can trigger the correct (shell/exec) callbacks despite only the state machine's authenticated state being set. Therefore, you may or may not get a shell if the server requires additional code paths to be followed. Authors: - Peter Winter-Smith - wvu <wvu@metasploit.com>
1 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details