Ask Your Question
1

libssh in Wireshark 2.x for macOS susceptible to CVE-2018-10933 exploit?

asked 2018-10-31 21:51:11 +0000

aurica gravatar image

Can anyone confirm whether the libssh libraries used in Wireshark 2.x for macOS are vulnerable, or whether they're used in a fashion that would allow for the exploit as described here? LIBSSH_VERSION=0.7.4 appears in macos-setup.sh, and the patched version listed in CVE-2018-10933 is 0.7.6.

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
0

answered 2018-11-01 08:54:17 +0000

Lekensteyn gravatar image

The libssh vulnerability does not affect the majority of products since it only affects servers and not client applications. Wireshark uses libssh as a client for some external capture (extcap) utilities: sshdump and ciscodump.

In a default configuration, these applications won't even try to connect to any SSH server so even if there is a hypothetical client vulnerability, it will remain unaffected unless you explicitly configure the interface.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2018-10-31 21:51:11 +0000

Seen: 47 times

Last updated: Nov 01