5 matches found
Ubuntu 18.04 ESM : AsyncSSH vulnerability (USN-4854-1)
The remote Ubuntu 18.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4854-1 advisory. Matthijs Kooijman discovered that AsyncSSH server did not properly handle authentication under certain conditions. An attacker with a specially crafted client cou...
pyplanet (>=0.1.5 <=0.5.4) potentially affected by CVE-2018-7749 via asyncssh (>=1.10.0 <=1.11.1)
asyncssh PYPI version =1.10.0, =0.1.5, =0.5.4 Source cves: CVE-2018-7749 Source advisory: OSV:PYSEC-2018-108...
CVE-2018-7749
The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...
DEBIAN-CVE-2018-7749
The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...
CVE-2018-7749
The CVE-2018-7749 issue affects the AsyncSSH SSH server implementation (Python library) prior to version 1.12.1. The root cause is that the server does not properly verify that authentication is completed before processing other requests, allowing a specially crafted client to skip authentication...