regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH's server in glibc-based Linux systems.
CVE assigned to this vulnerability is CVE-2024-6387.
The vulnerability, which is a signal handler race condition in OpenSSH's server, allows unauthenticated remote code execution as root on glibc-based Linux systems; that presents a significant security risk.
In our security analysis, we identified that this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006.
Qualys has developed a working exploit for the regreSSHion vulnerability.
OpenBSD systems are unaffected by this bug, as OpenBSD developed a secure mechanism in 2001 that prevents this vulnerability.
This vulnerability is challenging to exploit due to its remote race condition nature, requiring multiple attempts for a successful attack.
Addressing the regreSSHion vulnerability in OpenSSH, which enables remote code execution on Linux systems, demands a focused and layered security approach.
Please check the Qualys Vulnerability Knowledgebase for the full list of coverage for this vulnerability.
With the Qualys Unified Dashboard, you can track the vulnerability exposure within your organization and view your impacted hosts, their status, distribution across environments, and overall management in real time, allowing you to see your mean time to remediation.
To make it easier for customers to track and manage regreSSHion vulnerability in their subscriptions, we have created the Manage regreSSHion dashboard, which you can download and import into your subscription.
We expect vendors to release patches for this vulnerability shortly.
Once patches are released, Qualys will find the relevant patches for this vulnerability and automatically add those patches to a patch job.
Yes, this vulnerability can be exploited remotely and allows unauthenticated remote code execution as root, posing a significant security risk.
Yes, we would encourage organizations to patch this vulnerability urgently, especially on their internet-facing assets.
The Qualys security team has taken immediate steps to protect our corporate infrastructure and products from any impact regarding the exploitation of this vulnerability.
Emergency patching procedures have been initiated to fully remediate the vulnerability.
A QID is reported as confirmed in authenticated scan results because these scans can access detailed information that verifies the vulnerability more reliably.
As the vulnerability begins to trend across various threat intelligence sources, our QDS will utilize these intelligent feeds for dynamic updates.
The update activates as soon as a vulnerability trends across various threat intelligence platforms.


This Cyber News was published on blog.qualys.com. Publication date: Mon, 01 Jul 2024 12:13:06 +0000


Cyber News related to regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

New regreSSHion OpenSSH RCE bug gives root on Linux servers - OpenSSH is a suite of networking utilities based on the Secure Shell protocol. It is extensively used for secure remote login, remote server management and administration, and file transfers via SCP and SFTP. The flaw, discovered by researchers at ...
5 months ago Bleepingcomputer.com
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server - The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH's server in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler ...
5 months ago Blog.qualys.com
regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server - The Qualys Threat Research Unit has discovered a Remote Unauthenticated Code Execution vulnerability in OpenSSH's server in glibc-based Linux systems. CVE assigned to this vulnerability is CVE-2024-6387. The vulnerability, which is a signal handler ...
5 months ago Packetstormsecurity.com
Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack - Millions of OpenSSH servers could be affected by a newly disclosed vulnerability that can be exploited for unauthenticated remote code execution. The flaw, tracked as CVE-2024-6387 and named regreSSHion, was discovered by the threat research unit at ...
5 months ago Securityweek.com
Threat Brief: CVE-2024-6387 OpenSSH RegreSSHion Vulnerability - On July 1, 2024, a critical signal handler race condition vulnerability was disclosed in OpenSSH servers on glibc-based Linux systems. Using Palo Alto Networks Xpanse data, we observed 23 million instances of OpenSSH servers including all versions. ...
5 months ago Unit42.paloaltonetworks.com
Critical OpenSSH vulnerability could affect millions of servers - Qualys disclosed a critical OpenSSH vulnerability and warned that more than 14 million potentially vulnerable server instances are exposed to the internet. In a blog post on Monday, Bharat Jogi, senior director of Qualys' Threat Research Unit, ...
5 months ago Techtarget.com
Openssh Flaw Exposes Millions of Linux to Arbitrary Code Attacks - A critical vulnerability has been discovered in OpenSSH, a widely used implementation of the SSH protocol, which could potentially expose millions of Linux systems to arbitrary code execution attacks. The flaw, identified in the sshd(8) component of ...
5 months ago Cybersecuritynews.com
Critical OpenSSH Flaw Enables Full System Compromise - Over 14 million OpenSSH instances exposed to the internet are now at risk following the discovery of a critical vulnerability in OpenSSH's server, according to a new analysis by Qualys. The remote unauthenticated code execution vulnerability could ...
5 months ago Infosecurity-magazine.com
Debian and Ubuntu Fixed OpenSSH Vulnerabilities - Debian and Ubuntu have released security updates for their respective OS versions, addressing five flaws discovered in the openssh package. In this article, we will delve into the intricacies of these vulnerabilities, shedding light on their nature ...
11 months ago Securityboulevard.com
SSH "regreSSHion" Remote Code Execution Vulnerability in OpenSSH. - Qualys published a blog posts with details regarding a critical remote code execution vulnerability. The CVEs associated with this vulnerability are CVE-2006-5051 and CVE-2024-6387, The reason for the two CVE numbers and the use of the old 2006 CVE ...
5 months ago Isc.sans.edu
A Fix is Available for a Security Flaw that Could Allow Unauthorized Access Before Authentication - The maintainers of OpenSSH have released a new version, 9.2, to fix a number of security issues, including a memory safety vulnerability in the OpenSSH server. This vulnerability, tracked as CVE-2023-25136, is a pre-authentication double free ...
1 year ago Thehackernews.com
CVE-2023-48795 - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client ...
3 weeks ago
'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems - An unauthenticated remote code execution vulnerability in the OpenSSH secure communications suite opens millions of Linux-based systems to takeover as root. It affects glibc-based Linux systems running sshd in its default configuration; it may also ...
5 months ago Darkreading.com
D-Link D-View 8 Unauthenticated Probe-Core Server Communication - A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. An unauthenticated remote attacker can register a host of his/her choice as a Probe server by sending ...
1 year ago Tenable.com
CVE-2019-16905 - OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an experimental key type, has a pre-authentication integer overflow if a client or server is configured to use a crafted XMSS key. This leads to memory corruption and local code execution ...
1 year ago
Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
5 months ago Securityaffairs.com
RegreSSHion: Critical Vulnerability in OpenSSH Exposes Millions of Servers - Advertising presented to you on this service can be based on limited data, such as the website or app you are using, your non-precise location, your device type or which content you are interacting with. Information about your activity on this ...
5 months ago Hackread.com
The Exploration of Static vs Dynamic Code Analysis - Two essential methodologies employed for this purpose are Static Code Analysis and Dynamic Code Analysis. Static Code Analysis involves the examination of source code without its execution. In this exploration of Static vs Dynamic Code Analysis, ...
11 months ago Feeds.dzone.com
CVE-2024-6409 - A signal handler race condition vulnerability was found in OpenSSH's server (sshd) in Red Hat Enterprise Linux 9, where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's ...
5 months ago
CVE-2020-8023 - A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of ...
4 years ago
The ticking time bomb of Microsoft Exchange Server 2013 - This is, of course, a common issue since 2021 or so, due to Exchange Server security woes- however there has been an abnormally high increase in the past few months, making me think there was some kind of Exchange Server zero day perhaps. In my own ...
1 year ago Doublepulsar.com
CVE-2023-25136 - OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to ...
10 months ago
Terrapin attacks can downgrade security of OpenSSH connections - Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used. This manipulation lets attackers remove ...
1 year ago Bleepingcomputer.com
Microsoft: Multiple Perforce Server Flaws Allow for Network Takeover - Microsoft has identified four vulnerabilities in the Perforce source-code management platform, the most critical of which gives attackers access to a highly privileged Windows OS account to potentially take over the system via remote code execution ...
1 year ago Darkreading.com
December 2023's Most Wanted Malware- The Resurgence of Qbot - Last month, Qbot malware was employed by cybercriminals as part of a limited-scale phishing attack targeting organizations in the hospitality sector. Seeing Qbot in the wild less than four months after its distribution infrastructure was dismantled ...
11 months ago Blog.checkpoint.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)