Community discussions

MUM Europe 2020
 
User avatar
rendezz
just joined
Topic Author
Posts: 15
Joined: Mon Sep 17, 2018 11:07 am

libssh exploit, is Mikrotik affected?

Thu Oct 18, 2018 10:01 am

Is Mikrotik affected by the libssh bug described here?

https://arstechnica.com/information-tec ... ot-access/

I am not sure if libssh is used under the hood, it would be great to know one way or the other.

Thanks
Home of the Badjr, the cloud-managed business network router built on Mikrotik http://baselinecloud.com/badjr
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24325
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: libssh exploit, is Mikrotik affected?

Thu Oct 18, 2018 3:04 pm

We don't use Libssh
No answer to your question? How to write posts
 
User avatar
rendezz
just joined
Topic Author
Posts: 15
Joined: Mon Sep 17, 2018 11:07 am

Re: libssh exploit, is Mikrotik affected?

Thu Oct 18, 2018 4:16 pm

Great, thank you
Home of the Badjr, the cloud-managed business network router built on Mikrotik http://baselinecloud.com/badjr
 
tippenring
Member Candidate
Member Candidate
Posts: 179
Joined: Thu Oct 02, 2014 8:54 pm
Location: St Louis MO
Contact:

Re: libssh exploit, is Mikrotik affected?

Thu Oct 18, 2018 5:09 pm

Is Mikrotik affected by the libssh bug described here?

https://arstechnica.com/information-tec ... ot-access/

I am not sure if libssh is used under the hood, it would be great to know one way or the other.

Thanks
Thanks for asking. I was just researching this yesterday. I'll add the little info I found in case someone finds it useful.

The ROS header is "SSH-2.0-ROSSSH" while the vulnerable versions of libssh is "SSH-2.0-libssh-0.6.0". That could be caused by Mikrotik modifying the source code and recompiling.

I found some reference that some vulnerable versions could be found in the Linux kernel back into version 3 somewhere, which is in the same major revision that Mikrotik uses.

I didn't go so far as to attempt the actual hack. Ultimately because admin access to all of our managed devices are locked down to trusted IPs, none of our devices will be accessible anyway.
 
kylesebion
just joined
Posts: 1
Joined: Thu Oct 18, 2018 7:15 pm

Re: libssh exploit, is Mikrotik affected?

Thu Oct 18, 2018 7:19 pm

Good to hear that MikroTik does not use LibSSH.
I became concerned when i saw
77aaa000-77aac000 rw-p 00035000 00:0c 892 /bndl/security/lib/libssh.so
in 03_.proc from supout.rif.
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 24325
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: libssh exploit, is Mikrotik affected?

Fri Oct 19, 2018 4:17 pm

This is just a coincidence, our developers called our custom SSH library "lib ssh" because it is a ssh library :) No relation to that open source project.
No answer to your question? How to write posts

Who is online

Users browsing this forum: Google [Bot] and 54 guests