You are here
Home > Preporuke > Sigurnosni nedostatak programske biblioteke libssh

Sigurnosni nedostatak programske biblioteke libssh

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3795-2
October 22, 2018

libssh vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.10

Summary:

libssh could allow unintended access to network services.

Software Description:
– libssh: A tiny C SSH library

Details:

USN-3795-1 fixed a vulnerability in libssh. This update provides the
corresponding update for Ubuntu 18.10.

Original advisory details:

Peter Winter-Smith discovered that libssh incorrectly handled
authentication when being used as a server. A remote attacker could use
this issue to bypass authentication without any credentials.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.10:
libssh-4 0.8.1-1ubuntu0.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
https://usn.ubuntu.com/usn/usn-3795-2
https://usn.ubuntu.com/usn/usn-3795-1
CVE-2018-10933

Package Information:
https://launchpad.net/ubuntu/+source/libssh/0.8.1-1ubuntu0.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlvOE6IACgkQZWnYVadE
vpNmYRAAl7yapsiQyhwNawVJ8kR3ZHpCSYb56uCcpaZYvdh+lkNtQf8Bl/vKEBkX
j37VJnJuT4iJom519qlnf6Rn+7fHQMtQ36Um/HnR5j0i/WQvZWqBzVAIU/v/JJpQ
Uqr087YlglfLwrxjAtwYDdTxRPdJjwllnhYJAWPI/mqNpXxm6MSsINgaGlT+0eWp
chUS9/ItitQbH/f1ebVPv5rklw9TqrT7mj+WcHxGDh6OGiODcDI5HXey/xfLUeXa
6prLzol8SXUOaN8eUT4uHQRPKKCNB+bCPVneNxx37l3vIxYauDUf4+ED7ZtILL+F
AOAYDfOjA3VlMRbC+w3a6XvLaQPddOEj3DvqXrUHIo/IK7usUeA5cNAqJ9JINjfC
ra8XpikwJ4kpknoOKdbox49tFSZgNuIWyECf5N7mPvnIEO7a+1aTIQ4ckJ+sNyLx
K4xDHJkvRHMNt958pCQWfCtgHH4K+uzAvW+60+ryeIeEQ4wCHZzurDyND6s7xIQ4
7W3CC74rWzroKEMpU+1FDuL9As+LG0C4Kqxr44Ot3tFbtjyvrtj0erDNaFXnhuUu
Of0MGLpsm2qYa3dGAeK8vc5O51xc7ujGaUoJwMslG1GjELPPZiQfvIZWz4D1O8Y+
RBHolA7DKIbulE+n9AllonfMWcMz5pCU+OOfMEJ9tfWSCkgG3xY=
=J+LQ
—–END PGP SIGNATURE—–

AutorJosip Papratovic
Cert idNCERT-REF-2018-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostatak programske biblioteke paramiko

Otkriven je sigurnosni nedostatak programske biblioteke paramiko za operacijski sustav Ubuntu. Otkriveni nedostatak potencijalnim napadačima omogućuje zaobilaženje sigurnosnih ograničenja. Savjetuje...

Close