July 15, 2024 at 07:24AM OpenSSH recently faced a second remote code execution vulnerability, named regreSSHion. Discovered by Qualys and Openwall founder Alexander Peslyak, the bug impacts OpenSSH servers and a race condition in the ‘privsep’ child process. Another flaw, tracked as CVE-2024-6409, was also found, with impacted Linux distributions releasing advisories and patches. Windows … Read more
July 1, 2024 at 10:08AM Glibc-based Linux systems should upgrade OpenSSH’s server due to a new bug (CVE-2024-6387) revealed by Qualys researchers. They discovered a race condition vulnerability that could lead to remote code execution, affecting potentially hundreds of thousands of instances. Systems running on OpenBSD are exempt, and Qualys recommends specific patches and network-based … Read more
July 1, 2024 at 09:39AM A new OpenSSH vulnerability, known as “regreSSHion,” allows unauthenticated remote attackers to gain root privileges on glibc-based Linux systems. If exploited, it could lead to severe consequences such as system takeover and data manipulation. The vulnerability affects OpenSSH servers on Linux from version 8.5p1 up to version 9.8p1 and can … Read more