FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

py-asyncssh -- Allows bypass of authentication

Affected packages
py-asyncssh < 1.12.1

Details

VuXML ID 0e8f496a-b498-11e8-bdcf-74d435e60b7c
Discovery 2018-03-07
Entry 2018-12-08

mitre.org Reports:

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests A customized SSH client can simply skip the authentication step.

References

URL https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7749