Security flaw in Secure Shell’s implementation library luckily did not affect GitHub

Security flaw in Secure Shell’s implementation library luckily did not affect GitHub

Security researcher Peter Winter-Smith from NCC Group recently discovered a vulnerability in Secure Shell’s implementation library (Libssh) which allows attackers to bypass the authentication and gain command over a remote server.

By sending a specific message which fakes a successful authentication to the targeted server, the attacker is granted access without even being asked for a password. As the flaw impacted the Libssh version 0.6 which was released in 2014, the zero-day bug had been there for four years. According to The Hacker News the Libssh team already patched the flaw in their latest update.

Read more about this server vulnerability and if you could be affected here.

Copyright Lyonsdown Limited 2020

Top Articles

Universal Health Services lost $67m to a Ryuk ransomware attack last year

Universal Health Services said the cyber attack cost it $67 million in remediation efforts, loss of acute care services, and other expenses.

How the human immune system inspired a new approach to cyber-security

Artificial intelligence is being used to understand what’s ‘normal’ inside digital systems and autonomously fight back against cyber-threats

Solarwinds CEO blames former intern for hilarious password fiasco

SolarWinds has accused a former intern of creating a very weak password for its update server and storing it on a GitHub server for months.

Related Articles