logo

Query Exchange

Built off the open source project Osquery

The VMware Carbon Black Tech Zone is live! Checkout this great resource: Mastering Carbon Black Audit & Remediation.

Libssh vulnerability - CVE-2018-10933

Status: Approved Submitted by on ‎09-20-2019 06:55 PM

Description: Query checks for the libssh vulnerability where clients create channels before authenticating, which can lead to unauthorized access.

What The Data Shows: Data will show what servers have a vulnerable version of libssh. More details can be found at https://nvd.nist.gov/vuln/detail/CVE-2018-10933

SQL: 

SELECT name, version from rpm_packages 
WHERE name LIKE '%libssh%' 
    AND name NOT LIKE '%libssh2' 
    AND version != '0.8.4' 
    AND version != '0.7.6'; 

 

1 Comment
jnelson
Carbon Black Employee
‎10-02-2019 07:29 AM
‎10-02-2019 07:29 AM
Status changed to: Approved
 
logo

Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.