Built off the open source project Osquery
Description: Query checks for the libssh vulnerability where clients create channels before authenticating, which can lead to unauthorized access.
What The Data Shows: Data will show what servers have a vulnerable version of libssh. More details can be found at https://nvd.nist.gov/vuln/detail/CVE-2018-10933
SQL:
SELECT name, version from rpm_packages
WHERE name LIKE '%libssh%'
AND name NOT LIKE '%libssh2'
AND version != '0.8.4'
AND version != '0.7.6';
Copyright © 2005-2023 Broadcom. All Rights Reserved. The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.