Hi tor-relays,
This email is just to notify the list of a recent libssh vulnerability[1], and encourage any operators who may be running a vulnerable version of libssh to update.
It appears this only impacts libssh in server mode:
“This is an important security and maintenance release in order to address CVE-2018-10933., libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect to initiate authentication the attacker could successfully authenticate without any credentials.
The bug was discovered by Peter Winter-Smith of NCC Group.”
Thanks for being relay operators!
[1]: https://www.libssh.org/2018/10/16/libssh-0-8-4-and-0-7-6-security-and-bugfix...
tor-relays@lists.torproject.org