FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

py-asyncssh -- Allows bypass of authentication

Affected packages
py-asyncssh < 1.12.1

Details

VuXML ID 0e8f496a-b498-11e8-bdcf-74d435e60b7c
Discovery 2018-03-07
Entry 2018-12-08

mitre.org Reports:

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests A customized SSH client can simply skip the authentication step.

[source]

References

URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7749

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.