libSSH CVE-2018-10933 预警
Contents
相关资料
影响范围
2018/10/17 shodan 搜索结果展示约有 6,353 主机使用了 libssh.
1 KDE uses libssh for the sftp file transfers
2 GitHub implemented their git ssh server with libssh
3 X2Go is a Remote Desktop solution for Linux
4 csync a bidirectional file synchronizer
5 Remmina the GTK+/Gnome Remote Desktop Client
6 XMBC a media player and entertainment hub for digital media
7 GNU Gatekeeper a full featured H.323 gatekeeper
如何区分当前主机 SSH 类型 (libSSH or OpenSSH)
#
# 方案一
cd /usr/bin
ldd ./* | grep 'libssh'
# 方案二
rpm -aq | grep 'libssh'
# 方案三
telnet 22 看 banner
libSSH banner 案例
SSH-2.0-libssh
Open SSH banner 案例
SSH-2.0-OpenSSH
SSH-2.0-OpenSSH_7.6 FreeBSD-openssh-portable-7.6.p1_1,1
关于复现
据 360CERT 复现的人员说明,
此漏洞较难复现,一定条件下需要修改服务端的部分代码。
漏洞检测
https://github.com/blacknbunny/libSSH-Authentication-Bypass/
Nessus 搜索 CVE-2018-10933
https://www.tenable.com/plugins/search
相关通告
libssh 安全通告
https://www.libssh.org/security/advisories/CVE-2018-10933.txt
libssh CVE-2018-10933 身份验证绕过漏洞分析报告 – 360CERT
https://cert.360.cn/report/detail?id=a407dddd655dba34405688b1498c3aa1
漏洞通告:libssh 身份验证 (CVE-2018-10933) – Satnam Narang, Tenable
wechat
nmap seclists
https://seclists.org/oss-sec/2018/q4/65
libSSH-Authentication-Bypass
https://github.com/blacknbunny/libSSH-Authentication-Bypass/
漏洞预警 | libssh cve-2018-10933 预警
https://www.anquanke.com/post/id/162134
Leave a Reply