REDHAT-BUG-2423148
An insecure default configuration vulnerability exists in libssh on Windows systems where the library automatically loads configuration files from the C:\etc directory. Since this directory can be created and modified by unprivileged local users, an attacker can inject malicious SSH configuration or known-hosts entries. This enables local man-in-the-middle attacks, security downgrades of SSH connections, and manipulation of trusted host information. Exploitation requires only low privileges and no user interaction, posing a significant risk to the confidentiality, integrity, and availability of SSH communications that rely on libssh.
Frequently Asked Questions
What is the severity of REDHAT-BUG-2423148?
The severity of REDHAT-BUG-2423148 is considered high due to the risk of arbitrary code execution from insecure configurations.
How do I fix REDHAT-BUG-2423148?
To fix REDHAT-BUG-2423148, secure the C:\etc directory permissions to prevent unprivileged users from altering configuration files.
What systems are affected by REDHAT-BUG-2423148?
REDHAT-BUG-2423148 affects Windows systems using the libssh library.
What is the main vulnerability of REDHAT-BUG-2423148?
The main vulnerability of REDHAT-BUG-2423148 is the automatic loading of configuration files from a user-writable directory.
Can REDHAT-BUG-2423148 be exploited remotely?
REDHAT-BUG-2423148 requires local access, so it cannot be directly exploited remotely.
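The fix described above (restricting who can write to C:\etc) can be checked and applied with a short script. The following PowerShell is an added example written for this page, not code from the advisory or from the libssh project. It assumes, as the advisory states, that libssh on Windows reads its configuration and known-hosts data from C:\etc; the parameter names, the `$trusted` principal list and the `-Remediate` switch are my own choices. Run it elevated: auditing works as any user, but `Set-Acl` and creating the directory need administrator rights.

```powershell
# Added example (not from the advisory): audit the ACL on C:\etc, the directory
# libssh on Windows loads configuration from, and optionally lock it down so that
# only SYSTEM and Administrators can create or modify files there.
param(
    [string]$Path = 'C:\etc',   # assumed libssh configuration directory (per advisory)
    [switch]$Remediate          # hypothetical switch: apply a restrictive ACL
)

# Any of these rights lets a principal plant or alter files in the directory.
$writeMask = [System.Security.AccessControl.FileSystemRights]::WriteData -bor
             [System.Security.AccessControl.FileSystemRights]::AppendData -bor
             [System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
             [System.Security.AccessControl.FileSystemRights]::Delete -bor
             [System.Security.AccessControl.FileSystemRights]::Write -bor
             [System.Security.AccessControl.FileSystemRights]::Modify -bor
             [System.Security.AccessControl.FileSystemRights]::ChangePermissions -bor
             [System.Security.AccessControl.FileSystemRights]::TakeOwnership -bor
             [System.Security.AccessControl.FileSystemRights]::FullControl

# Principals that may legitimately hold write access; every other Allow ACE
# carrying a write right is reported as a finding.
$trusted = @('NT AUTHORITY\SYSTEM', 'BUILTIN\Administrators')

if (-not (Test-Path -LiteralPath $Path -PathType Container)) {
    Write-Output "$Path does not exist."
    # An absent directory is itself the exposure: an unprivileged user could
    # create it. Pre-creating it with a restricted ACL closes that gap.
    if ($Remediate) { New-Item -ItemType Directory -Path $Path | Out-Null } else { return }
}

$acl = Get-Acl -LiteralPath $Path
$findings = foreach ($ace in $acl.Access) {
    if ($ace.AccessControlType -ne 'Allow') { continue }
    $grantsWrite = (($ace.FileSystemRights -band $writeMask) -ne 0)
    if ($grantsWrite -and ($trusted -notcontains $ace.IdentityReference.Value)) {
        [pscustomobject]@{
            Identity  = $ace.IdentityReference.Value
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

if ($findings) {
    Write-Output "Principals other than SYSTEM/Administrators can write to ${Path}:"
    $findings | Format-Table -AutoSize
} else {
    Write-Output "$Path is writable only by trusted principals."
}

if ($Remediate) {
    # Stop inheriting the parent's (typically permissive) ACL, drop every rule,
    # then grant SYSTEM and Administrators full control and Users read-only so
    # that libssh running as a normal user can still read the files.
    $acl.SetAccessRuleProtection($true, $false)
    foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }
    $inherit = [System.Security.AccessControl.InheritanceFlags]'ContainerInherit, ObjectInherit'
    $prop    = [System.Security.AccessControl.PropagationFlags]::None
    foreach ($principal in $trusted) {
        $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
            $principal, 'FullControl', $inherit, $prop, 'Allow')))
    }
    $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
        'BUILTIN\Users', 'ReadAndExecute', $inherit, $prop, 'Allow')))
    Set-Acl -LiteralPath $Path -AclObject $acl
    Write-Output "ACL on $Path reset; only SYSTEM and Administrators can write."
}
```

The audit pass reports any Allow entry that carries a write-class right for a principal outside the trusted list, including rights inherited from the drive root, which is the usual way a directory under C:\ ends up writable by Users or Authenticated Users. Treating a missing directory as a finding matters here: the advisory's concern is that the directory can be created by an unprivileged user, so the remediation creates it first and then applies the restricted ACL.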