""ET POLICY Potentially Vulnerable LibSSH Server Observed - Possible Authentication Bypass (CVE-2018-10933)""
SID: 2026526
Revision: 1
Class Type: bad-unknown
Metadata: attack_target Client_Endpoint, created_at 2018_10_19, cve CVE_2018_10933, deployment Perimeter, signature_severity Major, tag CVE_2018_10933, updated_at 2018_10_19
Reference:
-
cve
-
2018-10933
Protocol: tcp
Source Network: $EXTERNAL_NET
Source Port: $SSH_PORTS
Destination Network: any
Destination Port: any
Flow: from_server,established
Contents:
- Value: "SSH-2.0-libssh-0." Depth: 17
Within:
PCRE: "/^[67].[01235]/R"
Special Options: