CVE-2006-5051 and CVE-2024-6387 Patched in OpenSSH
-
SANS ☛ SSH "regreSSHion" Remote Code Execution Vulnerability in OpenSSH.
The CVEs associated with this vulnerability are CVE-2006-5051 and CVE-2024-6387, [...]
-
Qualys ☛ regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
With these improvements, it takes ~10,000 tries on average to win this race condition; i.e., with 10 connections (MaxStartups) accepted per 600 seconds (LoginGraceTime), it takes ~1 week on average to obtain a remote root shell.
-
OpenSSH ☛ OpenSSH: Release Notes
This release contains fixes for two security problems, one critical and one minor.
-
GamingOnLinux ☛ Flaw in OpenSSH Server nicknamed regreSSHion could cause some problems
If you're dealing with Linux servers, or you have an active OpenSSH Server on your desktop, you may want to look into regreSSHion.
-
ArchLinux ☛ The sshd service needs to be restarted after upgrading to openssh-9.8p1
After upgrading to openssh-9.8p1, the existing SSH daemon will be unable to accept new connections (see https://gitlab.archlinux.org/archlinux/packaging/packages/openssh/-/issues/5). When upgrading remote hosts, please make sure to restart the sshd service using systemctl try-restart sshd right after upgrading.
-
Parabola GNU/Linux-libre: restart sshd immediately after upgrade
-
Linuxiac ☛ OpenSSH 9.8 Fixes Critical sshd Vulnerability
OpenSSH 9.8 enhances security, fixing critical race conditions in sshd and logic errors in ssh.
-
LWN ☛ Serious vulnerability fixed with OpenSSH 9.8
OpenSSH 9.8 has been
released, fixing an ugly vulnerability:
Successful exploitation has been demonstrated on 32-bit Linux/glibc
systems with ASLR. Under lab conditions, the attack requires on
average 6-8 hours of continuous connections up to the maximum the
server will accept. Exploitation on 64-bit systems is believed to
be possible but has not been demonstrated at this time. It's likely
that these attacks will be improved upon.
Exploitation on non-glibc systems is conceivable but has not been
examined.
There is a
configuration workaround for systems that cannot be updated, though it
has its own problems. See this Qualys
advisory for more details.
-
The Register UK ☛ Nasty regreSSHion bug affects around 700K Linux systems
Infosec researchers at Qualys published their findings today, revealing that sshd is vulnerable to a race condition that could allow an unauthenticated attacker to achieve remote code execution (RCE) on potentially hundreds of thousands of targets. Successful exploitation could give intruders root-level access to a system, allowing them to potentially get away with virtually anything.
Of the 14 million possibly vulnerable sshd instances that show up on Censys and Shodan scans, Qualys believes that roughly 700,000 of these internet-facing instances could feasibly be hit by regreSSHion – the name researchers gave to the flaw based on its roots.
-
Silicon Angle ☛ Qualys warns of OpenSSH vulnerability researchers are calling 'extremely dangerous'
The vulnerability, tracked as CVE-2024-6387 and dubbed “regreSSHion,” is a remote unauthenticated code execution vulnerability in OpenSSH’s server in glibc-based server systems. OpenSSH’s server is a secure network utility that provides encrypted communication for remote server management and secure data transfers over unsecured networks.