Security flaw in Secure Shell’s implementation library luckily did not affect GitHub

Security flaw in Secure Shell’s implementation library luckily did not affect GitHub

Security researcher Peter Winter-Smith from NCC Group recently discovered a vulnerability in Secure Shell’s implementation library (Libssh) which allows attackers to bypass the authentication and gain command over a remote server.

By sending a specific message which fakes a successful authentication to the targeted server, the attacker is granted access without even being asked for a password. As the flaw impacted the Libssh version 0.6 which was released in 2014, the zero-day bug had been there for four years. According to The Hacker News the Libssh team already patched the flaw in their latest update.

Read more about this server vulnerability and if you could be affected here.

Copyright Lyonsdown Limited 2021

Top Articles

With cyber attacks on the rise, the Royal Family seeks a cyber security expert

The Royal Household is looking for a cyber security engineer to monitor networks and protect digital systems from hacking attacks.

Colonial Pipeline paid $5 million in ransom to DarkSide ransomware group

Colonial Pipeline paid $5 million to the DarkSide ransomware group to restore operations within hours after a ransomware attack paralysed fuel supplies in the U.S. east coast.

HSE forced to shut down computer systems due to 'significant cyber attack'

Ireland's public healthcare system, HSE, has been forced to shut down its computer systems as hospital administrators became aware of a 'significant ransomware attack' on Thursday evening.

Related Articles