thomask@lemmy.sdf.org to

Cybersecurity@sh.itjust.worksEnglish · 5 months ago

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

5

38

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

thomask@lemmy.sdf.org to

Cybersecurity@sh.itjust.worksEnglish · 5 months ago

5

The following summary from Debian’s security list:

The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suite, is prone to a signal handler race condition. If a client does not authenticate within LoginGraceTime seconds (120 by default), then sshd’s SIGALRM handler is called asynchronously and calls various functions that are not async-signal-safe. A remote unauthenticated attacker can take advantage of this flaw to execute arbitrary code with root privileges. This flaw affects sshd in its default configuration.

Chat

cron
link
fedilink
English
arrow-up
4·
5 months ago
That looks horrible.
- qprimed@lemmy.ml
  link
  fedilink
  English
  arrow-up
  2
  arrow-down
  1·
  edit-2
  5 months ago
  indeed, but your SSH ports should not be hanging out in the wind for any old IP to hit.
  - cron
    link
    fedilink
    English
    arrow-up
    3·
    5 months ago
    openssh is typically quite robust, this is a rare exception

Cybersecurity@sh.itjust.works

cybersecurity@sh.itjust.works

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !cybersecurity@sh.itjust.works

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We’re all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your “friends” socials you’re just going to get banned so don’t do that.

Learn about hacking

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

Visibility: Public

This community can be federated to other instances and be posted/commented in by their users.

29 users / day
495 users / week
1.42K users / month
4.28K users / 6 months
51 local subscribers
5.73K subscribers
976 Posts
1.86K Comments
Modlog