A security flaw in libssh leaves thousands of servers at risk of hijacking.
Excerpt: "The vulnerability allows an attacker to bypass authentication procedures and gain access to a server with an SSH connection enabled without having to enter the password. An attacker can do this by sending the SSH server "SSH2_MSG_USERAUTH_SUCCESS" message instead of the "SSH2_MSG_USERAUTH_REQUEST" message that a server usually expects and which libssh uses as a sign that an authentication procedure needs to initiate. Because of a coding error, when libssh receives the "SSH2_MSG_USERAUTH_SUCCESS" message, it will interpret this as the "authentication has already taken place" and will grant the attacker access to the local server."
Source: Catalin Cimpanu, ZDNet Date
Published: October 17, 2018
To read the complete article see: https://www.zdnet.com/article/security-flaw-in-libssh-leaves-thousands-of-servers-at-risk-of-hijacking/
