VDB

GCVE-VVD-MAGEIA-2019-43

GCVE-VVD-MAGEIA-2019-43
Advisory Published
Vulnetix · Advisory published June 27, 2019
libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication, the attacker could successfully authentciate without any credentials (CVE-2018-10933).
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiarpmdrake0 (affected), 6.27.1-1.mga6 (unaffected)
Mageialibssh0 (affected), 0.7.7-1.mga6 (unaffected), 0 (affected), 0.7.7-1.mga6 (unaffected)

Aliases

CVE-2018-10933

Transitive aliases

GHSA-22gf-f5w4-hrfqEUVD-2018-2986BDU:2018-01221cisco-sa-20181019-libsshVVD-GENTOO-2018-668788

References

Updated libssh packages fix security vulnerability
advisory
Updated libssh packages fix security vulnerability
issue
Updated libssh packages fix security vulnerability
issue
Updated libssh packages fix security vulnerability
issue
Updated libssh packages fix security vulnerability
issue
Updated rpmdrake makes it honor /etc/urpmi/prefer.vendor.list
advisory
Updated rpmdrake makes it honor /etc/urpmi/prefer.vendor.list
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›