Can anyone confirm whether the libssh libraries used in Wireshark 2.x for macOS are vulnerable, or whether they're used in a fashion that would allow for the exploit as described here? LIBSSH_VERSION=0.7.4 appears in macos-setup.sh, and the patched version listed in CVE-2018-10933 is 0.7.6.
The libssh vulnerability does not affect the majority of products since it only affects servers and not client applications. Wireshark uses libssh as a client for some external capture (extcap) utilities: sshdump and ciscodump.
In a default configuration, these applications won't even try to connect to any SSH server so even if there is a hypothetical client vulnerability, it will remain unaffected unless you explicitly configure the interface.
Asked: 2018-10-31 21:51:11 +0000
Seen: 254 times
Last updated: Nov 01 '18
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
