A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known asthat. The vulnerability resides due to a coding error in Libssh and is “ridiculously simple” to exploit. Around 6,500 internet-facing servers may be impacted due to the use of Libssh one or the other way. Neither the widely used OpenSSH nor Github’s implementation of libssh was affected by the vulnerability. The Libssh team addressed the issue with the release of its updated libssh versions 0.8.4 and 0.7.6 on Tuesday.
Source: https://thehackernews.com/2018/10/libssh-ssh-protocol-library.html