CVE-2018-10933

A vulnerability was found in libssh’s server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.

Date published : 2018-10-17

http://www.securityfocus.com/bid/105677

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10933