46 lines
1.0 KiB
Plaintext
46 lines
1.0 KiB
Plaintext
#
|
|
#
|
|
#
|
|
module LIBSSH_CVE_2018_10933;
|
|
|
|
export {
|
|
redef enum Log::ID += { LOG };
|
|
redef enum Notice::Type += { Vulnerable_Version };
|
|
}
|
|
|
|
event ssh_server_version(c: connection, version: string)
|
|
{
|
|
if ("libssh" !in version) {
|
|
return;
|
|
}
|
|
|
|
local vuln = F;
|
|
|
|
# Ex: SSH-2.0-libssh_0.7.4
|
|
local sv = split_string(version, /_/);
|
|
|
|
if (|sv| == 2) {
|
|
local ver = split_string(sv[1], /\./);
|
|
|
|
|
|
|
|
# 0.6.* and <0.7.6 is vulnerable to this CVE
|
|
if (to_count(ver[0]) == 0 && (to_count(ver[1]) == 7 || to_count(ver[1]) == 6) && to_count(ver[2]) < 6) {
|
|
vuln = T;
|
|
}
|
|
|
|
# <0.8.4 is vulnerable to this CVE
|
|
if (to_count(ver[0]) == 0 && to_count(ver[1]) == 8 && to_count(ver[2]) < 4) {
|
|
vuln = T;
|
|
}
|
|
|
|
if(!vuln) {
|
|
return;
|
|
}
|
|
|
|
NOTICE([$note=LIBSSH_CVE_2018_10933::Vulnerable_Version,
|
|
$msg = fmt("Vulnerable version found - %s", sv[1]),
|
|
$conn = c]);
|
|
}
|
|
}
|