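I. CVE-2018-10933 Basic Information
Vulnerability title
N/A
Source: AIGC Shenlong large model
Vulnerability description
A vulnerability was found in the libssh server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without authenticating, resulting in unauthorized access.
Source: AIGC Shenlong large model
CVSS information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Source: AIGC Shenlong large model
Vulnerability category
N/A
Source: AIGC Shenlong large model
Vulnerability title
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability description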
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
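Source: U.S. National Vulnerability Database (NVD)
CVSS information
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability category
N/A
Source: U.S. National Vulnerability Database (NVD)
Vulnerability title
libssh server-side state machine security vulnerability
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability description
libssh is a C library for accessing SSH services; it can execute remote commands, transfer files, and provide a secure transport channel for remote programs. The server-side state machine is one of its components. A security vulnerability exists in the libssh server-side state machine in versions before 0.7.6 and before 0.8.4. An attacker can use a malicious client to exploit this vulnerability to create channels without authenticating and thereby gain unauthorized access.
Source: China National Vulnerability Database of Information Security (CNNVD)
CVSS information
N/A
Source: China National Vulnerability Database of Information Security (CNNVD)
Vulnerability category
Authorization issue
Source: China National Vulnerability Database of Information Security (CNNVD)
II. Public PoCs for CVE-2018-10933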
# POC description Source link Shenlong link
1 CVE-2018-10933 very simple POC https://github.com/SoledaD208/CVE-2018-10933 POC details
2 Spawn to shell without any credentials by using CVE-2018-10933 (LibSSH) https://github.com/blacknbunny/CVE-2018-10933 POC details
3 CVE-2018-10933 sshlib user authentication attack - docker lab, test and exploit https://github.com/hook-s3c/CVE-2018-10933 POC details
4 Leveraging it is a simple matter of presenting the server with the SSH2_MSG_USERAUTH_SUCCESS message, which shows that the login already occurred without a problem. The server expects the message SSH2_MSG_USERAUTH_REQUEST to start the authentication procedure, but by skipping it an attacker can log in without showing any credentials. https://github.com/kn6869610/CVE-2018-10933 POC details
5 Script to identify hosts vulnerable to CVE-2018-10933 https://github.com/gojhonny/libssh-scanner POC details
6 None https://github.com/likescam/CVE-2018-10933_ssh POC details
7 None https://github.com/likescam/CVE-2018-10933-libSSH-Authentication-Bypass POC details
8 Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933) https://github.com/marco-lancini/hunt-for-cve-2018-10933 POC details
9 cve-2018-10933 libssh authentication bypass https://github.com/hackerhouse-opensource/cve-2018-10933 POC details
10 None https://github.com/cve-2018/cve-2018-10933 POC details
11 libssh CVE-2018-10933 https://github.com/jas502n/CVE-2018-10933 POC details
12 Variant of hackerhouse-opensource/cve-2018-10933 https://github.com/ninp0/cve-2018-10933_poc POC details
13 None https://github.com/pghook/CVE-2018-10933_Scanner POC details
14 LibSSH Authentication Bypass Exploit using RCE https://github.com/Virgula0/POC-CVE-2018-10933 POC details
15 CVE-2018-10933 https://github.com/shifa123/pythonprojects-CVE-2018-10933 POC details
16 a python script to exploit libssh authentication vulnerability https://github.com/xFreed0m/CVE-2018-10933 POC details
17 CVE-2018-10933 https://github.com/Bifrozt/CVE-2018-10933 POC details
18 CVE-2018-10933 POC (LIBSSH) https://github.com/r3dxpl0it/CVE-2018-10933 POC details
19 A libssh CVE-2018-10933 scanner written in rust https://github.com/ivanacostarubio/libssh-scanner POC details
20 None https://github.com/throwawayaccount12312312/precompiled-CVE-2018-10933 POC details
21 Multi-threaded, reliable scanner for CVE-2018-10933. https://github.com/reanimat0r/bpnd-libssh POC details
22 None https://github.com/ensimag-security/CVE-2018-10933 POC details
23 Implementation of CVE-2018-10933 with CIDR block scanner https://github.com/0xadaw/libSSH-bypass POC details
24 libSSH bypass https://github.com/sambiyal/CVE-2018-10933-POC POC details
25 LibSSH Authentication Bypass CVE-2018-10933 https://github.com/nikhil1232/LibSSH-Authentication-Bypass POC details
26 Takes advantage of CVE-2018-10933 https://github.com/Kurlee/LibSSH-exploit POC details
27 None https://github.com/crispy-peppers/Libssh-server-CVE-2018-10933 POC details
28 Authentication Bypass in Server Code for LibSSH https://github.com/youkergav/CVE-2018-10933 POC details
29 None https://github.com/kristyna-mlcakova/CVE-2018-10933 POC details
30 None https://github.com/lalishasanduwara/CVE-2018-10933 POC details
31 CVE-2018-10933_Scanner https://github.com/JoSecMx/CVE-2018-10933_Scanner POC details
32 None https://github.com/cyberharsh/Libssh-server-CVE-2018-10933 POC details
33 libSSH-Authentication-Bypass https://github.com/Rubikcuv5/CVE-2018-10933 POC details
34 None https://github.com/SilasSpringer/CVE-2018-10933 POC details
35 Proof of Concept for CVE-2018-10933 https://github.com/HSw109/CVE-2018-10933-PoC POC details
36 Proof of Concept for CVE-2018-10933 https://github.com/HSw109/CVE-2018-10933 POC details
37 Script to identify hosts vulnerable to CVE-2018-10933 https://github.com/jobroche/libssh-scanner POC details
38 None https://github.com/likekabin/CVE-2018-10933_ssh POC details
39 None https://github.com/likekabin/CVE-2018-10933-libSSH-Authentication-Bypass POC details
40 None https://github.com/Threekiii/Awesome-POC/blob/master/%E5%85%B6%E4%BB%96%E6%BC%8F%E6%B4%9E/Libssh%20%E6%9C%8D%E5%8A%A1%E7%AB%AF%E6%9D%83%E9%99%90%E8%AE%A4%E8%AF%81%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E%20CVE-2018-10933.md POC details
41 https://github.com/vulhub/vulhub/blob/master/libssh/CVE-2018-10933/README.md POC details
III. Intelligence on CVE-2018-10933