[3.7] py-paramiko: Authentication bypass in auth_handler.py (CVE-2018-1000805)| ID: oval:org.secpod.oval:def:1801336 | Date: (C)2019-05-30 (M)2022-10-28 |
| Class: PATCH | Family: unix |
Python Paramiko through versions 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5 and 1.17.6 is vulnerable to an authentication bypass in paramiko/auth_handler.py. A remote attacker could exploit this vulnerability in paramiko SSH servers to execute arbitrary code. Fixed In Version:¶ python-paramiko 2.4.2, python-paramiko 2.3.3, python-paramiko 2.2.4, python-paramiko 2.1.6, python-paramiko 2.0.9
| Platform: |
| Alpine Linux 3.7 |
