Products from major vendors such as F5 and Red Hat are affected by a major vulnerability that came to light this week[1] and which resides in the libssh library.
The vulnerability, which is tracked in infosec circles as CVE-2018-10933[2], is an authentication bypass in the libssh code that handles server-side login procedures.
Servers or software applications that use the libssh code to allow users to log into them via the SSH protocol are affected.
The vulnerability is trivial to exploit and requires an attacker sending an affected server an "SSH2_MSG_USERAUTH_SUCCESS" request to trick the server into thinking the user has already authenticated.
The libssh team disclosed the vulnerability on Tuesday, October 16, and initially, it wasn't clear how many products were affected, mainly because OpenSSH is a more popular library that's more regularly used for SSH authentication systems.
But throughout the week, some companies have stepped forward and published security advisories for products that use vulnerable versions of the libssh library. The first to go public was OS maker Red Hat.
"This vulnerability affects libssh shipped in Red Hat Enterprise Linux 7 Extras," the company said in an advisory[3].
Red Hat plans to update the libssh library version to a new one that's not affected. Apps running on Red Hat systems that relied on the OS' libssh library to support incoming SSH connections will be updated once the update goes live, or they could manually update the library themselves.
Other products that have been confirmed to be affected by this bug are F5 Networks BIG-IP load balancers. These are servers that take incoming traffic and spread it across a larger set of servers based on bandwidth