This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

libSSH report?

df1823
Engaged Sweeper II

‎10-23-2018 03:35 PM

Hi

I know this is probably a long shot but has anyone got a report (or being able to point me in the right direction) to search for machines that might be running libssh, so i can then see if they are vulnerable to CVE-2018-10933

Thanks
Labels:
0 Kudos
3 REPLIES 3
Esben_D
Lansweeper Employee
Lansweeper Employee

‎10-24-2018 05:16 PM

I had a few linux machines in my test environment that did have libSSH in the installed software. So I presume it shows up if it's installed.
0 Kudos
df1823
Engaged Sweeper II

‎10-24-2018 12:35 PM

Thanks that didnt show up anything in the report, so i probed a little deeper and ran the report which shows devices with SSH enabled on them, then i ran various NMAP scripts to confirm that libSSH isnt running on those devices
0 Kudos
Esben_D
Lansweeper Employee
Lansweeper Employee

‎10-23-2018 04:59 PM

I'm assuming that libSSH just shows up under installed software, if so, the following should work. Do note that the report isn't filtered on anything else but software name. I didn't really look into the vulnerability and which versions it affects.

Select Top 1000000 tblAssets.AssetID,
  tblAssets.AssetName,
  tblAssets.IPAddress,
  tsysIPLocations.IPLocation,
  tblAssetCustom.Manufacturer,
  tblAssetCustom.Model,
  tblLinuxSystem.OSRelease,
  tblSoftwareUni.softwareName,
  tblLinuxSoftware.Version,
  tblAssets.Lastseen,
  tblAssets.Lasttried
From tblAssets
  Inner Join tblAssetCustom On tblAssets.AssetID = tblAssetCustom.AssetID
  Inner Join tsysAssetTypes On tsysAssetTypes.AssetType = tblAssets.Assettype
  Left Join tsysIPLocations On tsysIPLocations.LocationID = tblAssets.LocationID
  Inner Join tblState On tblState.State = tblAssetCustom.State
  Inner Join tblLinuxSoftware On tblAssets.AssetID = tblLinuxSoftware.AssetID
  Inner Join tblSoftwareUni On
    tblSoftwareUni.SoftID = tblLinuxSoftware.SoftwareUniID
  Inner Join tblLinuxSystem On tblAssets.AssetID = tblLinuxSystem.AssetID
Where tblSoftwareUni.softwareName Like '%LibSSH%' And tblState.Statename =
  'Active'
Order By tblAssets.Domain,
  tblAssets.AssetName
0 Kudos

Reports & Analytics

Ask about reports you're interested in and share reports you've created. Subscribe to receive daily updates of reports shared in the Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
Top