Ask Your Question
1

libssh in Wireshark 2.x for macOS susceptible to CVE-2018-10933 exploit?

asked 2018-10-31 21:51:11 +0000

aurica gravatar image

Can anyone confirm whether the libssh libraries used in Wireshark 2.x for macOS are vulnerable, or whether they're used in a fashion that would allow for the exploit as described here? LIBSSH_VERSION=0.7.4 appears in macos-setup.sh, and the patched version listed in CVE-2018-10933 is 0.7.6.

edit retag flag offensive close merge delete
add a comment

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-11-01 08:54:17 +0000

Lekensteyn gravatar image

The libssh vulnerability does not affect the majority of products since it only affects servers and not client applications. Wireshark uses libssh as a client for some external capture (extcap) utilities: sshdump and ciscodump.

In a default configuration, these applications won't even try to connect to any SSH server so even if there is a hypothetical client vulnerability, it will remain unaffected unless you explicitly configure the interface.

edit flag offensive delete link more
add a comment

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

subscribe to rss feed

Stats

Asked: 2018-10-31 21:51:11 +0000

Seen: 275 times

Last updated: Nov 01 '18

Related questions

Wireless controls are not supported in this version of wireshark

How to switch Mac OS NIC to monitor mode during use internet

How to fix "The capture session could not be initiated on interface" (You don't have permission to capture on that device)

Forcing Mac OS X to reconnect in monitor mode

Why is wireshark 2.6.1 forcing a specific keyboard layout on macOS when started with sudo? [closed]

How is interface "XHC20" created on macOS?

wireshark not capturing FTP on en0

interface XHC20 does not exist

Plugin shows up in source code wireshark but not application

I have filtered bt-dht UDP packets. Can Wireshark decode the bencoding for me?