libssh exploit, is Mikrotik affected?

Posted: Thu Oct 18, 2018 10:01 am
by rendezz
Is Mikrotik affected by the libssh bug described here?

https://arstechnica.com/information-tec ... ot-access/

I am not sure if libssh is used under the hood, it would be great to know one way or the other.

Thanks

Re: libssh exploit, is Mikrotik affected?

Posted: Thu Oct 18, 2018 3:04 pm
by normis
We don't use Libssh

Re: libssh exploit, is Mikrotik affected?

Posted: Thu Oct 18, 2018 4:16 pm
by rendezz
Great, thank you

Re: libssh exploit, is Mikrotik affected?

Posted: Thu Oct 18, 2018 5:09 pm
by tippenring
> Is Mikrotik affected by the libssh bug described here?
>
> https://arstechnica.com/information-tec ... ot-access/
>
> I am not sure if libssh is used under the hood, it would be great to know one way or the other.
>
> Thanks

Thanks for asking. I was just researching this yesterday. I'll add the little info I found in case someone finds it useful.

The ROS header is "SSH-2.0-ROSSSH" while that of the vulnerable versions of libssh is "SSH-2.0-libssh-0.6.0". That could be caused by Mikrotik modifying the source code and recompiling.

I found some reference that some vulnerable versions could be found in the Linux kernel back into version 3 somewhere, which is in the same major revision that Mikrotik uses.

I didn't go so far as to attempt the actual hack. Ultimately because admin access to all of our managed devices is locked down to trusted IPs, none of our devices will be accessible anyway.
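
The banner comparison in the post above, as an added example that is not part of the thread and is not MikroTik or libssh code: it parses SSH identification strings (RFC 4253 section 4.2) and sorts them for inventory triage. The sample banners are constructed, the `classify` labels are hypothetical, and accepting `libssh_<version>` as well as the `libssh-<version>` form quoted above is an assumption.

```python
import re

# RFC 4253 section 4.2: "SSH-protoversion-softwareversion SP comments CR LF"
IDENT_RE = re.compile(
    r"^SSH-(?P<proto>[^-\s]+)-(?P<software>\S+)(?: (?P<comments>.*))?$")
# Matches "libssh-0.6.0" (form quoted in the thread) and "libssh_0.6.0"
# (assumed variant). "libssh2_..." is a different project and must not match.
LIBSSH_RE = re.compile(r"^libssh[-_](?P<version>\d+(?:\.\d+)*)$")


def parse_ident(line):
    """Split an SSH identification string into fields; None if malformed."""
    if isinstance(line, bytes):
        line = line.decode("ascii", errors="replace")
    line = line.rstrip("\r\n")
    if len(line) > 253:  # RFC 4253 caps the line at 255 bytes incl. CR LF
        return None
    m = IDENT_RE.match(line)
    return m.groupdict() if m else None


def classify(line):
    """Return (label, detail). The banner is self-reported and can be changed
    at build time, so this is a triage hint, not proof of what code runs."""
    ident = parse_ident(line)
    if ident is None:
        return ("invalid", None)
    software = ident["software"]
    m = LIBSSH_RE.match(software)
    if m:
        return ("libssh", m.group("version"))  # follow up: check vendor advisory
    if software.startswith("ROSSSH"):
        return ("routeros", None)              # banner reported for ROS above
    return ("other", software)


# Constructed sample banners, as a scanner or connection log might record them.
SAMPLE_BANNERS = [
    b"SSH-2.0-ROSSSH\r\n",
    b"SSH-2.0-libssh-0.6.0\r\n",
    b"SSH-2.0-libssh2_1.8.0\r\n",
    b"SSH-2.0-OpenSSH_7.4 Debian\r\n",
    b"HTTP/1.1 400 Bad Request\r\n",
]

if __name__ == "__main__":
    for banner in SAMPLE_BANNERS:
        print(banner.rstrip(), "->", classify(banner))
```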

Re: libssh exploit, is Mikrotik affected?

Posted: Thu Oct 18, 2018 7:19 pm
by kylesebion
Good to hear that MikroTik does not use LibSSH.
I became concerned when I saw
77aaa000-77aac000 rw-p 00035000 00:0c 892 /bndl/security/lib/libssh.so
in 03_.proc from supout.rif.

Re: libssh exploit, is Mikrotik affected?

Posted: Fri Oct 19, 2018 4:17 pm
by normis
This is just a coincidence; our developers called our custom SSH library "lib ssh" because it is an SSH library :) No relation to that open source project.