PSIRT Advisory

CVE-2018-10933 libssh authentication bypass

Summary

libssh versions 0.6 and above have an authentication bypass vulnerability in
the server code. By presenting the server an SSH2_MSG_USERAUTH_SUCCESS message
in place of the SSH2_MSG_USERAUTH_REQUEST message which the server would expect
to initiate authentication, the attacker could successfully authenticate
without any credentials. [1]

Impact

Escalation of privilege

Affected Products

FortiAP - not affected
FortiAnalyzer - not affected
FortiOS  - not affected
FortiSwitch - not affected
FortiMail - not affected
FortiManager - not affected
FortiWeb - not affected

References