CVE-2018-7750: Paramiko not properly checking authentication before processing other requests
(updated )
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step.
References
- access.redhat.com/errata/RHSA-2018:0591
- access.redhat.com/errata/RHSA-2018:0646
- access.redhat.com/errata/RHSA-2018:1124
- access.redhat.com/errata/RHSA-2018:1125
- access.redhat.com/errata/RHSA-2018:1213
- access.redhat.com/errata/RHSA-2018:1274
- access.redhat.com/errata/RHSA-2018:1328
- access.redhat.com/errata/RHSA-2018:1525
- access.redhat.com/errata/RHSA-2018:1972
- github.com/advisories/GHSA-232r-66cg-79px
- github.com/paramiko/paramiko
- github.com/paramiko/paramiko/blob/e861c7697622774071ce73b46ffe8817eacdedfa/sites/www/changelog.rst?plain=1
- github.com/paramiko/paramiko/blob/master/sites/www/changelog.rst
- github.com/paramiko/paramiko/commit/e9dfd854bdaf8af15d7834f7502a0451d217bb8c
- github.com/paramiko/paramiko/commit/fa29bd8446c8eab237f5187d28787727b4610516
- github.com/paramiko/paramiko/issues/1175
- github.com/pypa/advisory-database/tree/main/vulns/paramiko/PYSEC-2018-19.yaml
- lists.debian.org/debian-lts-announce/2018/10/msg00018.html
- lists.debian.org/debian-lts-announce/2021/12/msg00025.html
- nvd.nist.gov/vuln/detail/CVE-2018-7750
- usn.ubuntu.com/3603-1
- usn.ubuntu.com/3603-2
- web.archive.org/web/20190831123128/http://www.securityfocus.com/bid/103713
- www.exploit-db.com/exploits/45712
Code Behaviors & Features
Detect and mitigate CVE-2018-7750 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →