FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability

August 12, 2024 at 07:12AM The FreeBSD Project released security updates to fix a high-severity flaw in OpenSSH (CVE-2024-7589), allowing remote code execution with elevated privileges. The issue involves a signal handler in sshd(8) that calls a non-async-signal-safe logging function, potentially leading to a race condition for unauthenticated remote code execution as root. Users are …

The Potential Impact of the OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409

July 17, 2024 at 04:44AM The article “The Potential Impact of the OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409” describes vulnerabilities in OpenSSH, namely “regreSSHion” and the signal handler race condition. It explains the technical details, exploitability in x64 systems, potential impact, and mitigation strategies. The vulnerabilities’ real-world impact is considered low due to the complexity of …

Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found

July 15, 2024 at 07:24AM OpenSSH recently faced a second remote code execution vulnerability, named regreSSHion. Discovered by Qualys and Openwall founder Alexander Peslyak, the bug impacts OpenSSH servers and a race condition in the ‘privsep’ child process. Another flaw, tracked as CVE-2024-6409, was also found, with impacted Linux distributions releasing advisories and patches. Windows …

‘RegreSSHion’ Bug Threatens Takeover of Millions of Linux Systems

July 1, 2024 at 03:48PM A remote code execution vulnerability in OpenSSH, named “RegreSSHion,” allows attackers to take over Linux systems. The bug, with a CVSS score of 8.1, enables root access and poses significant security risks. Despite its challenging exploitability, the need for rigorous security measures and prompt patching is emphasized, with updates available …

Nasty regreSSHion bug in OpenSSH puts around 700K Linux boxes at risk

July 1, 2024 at 10:08AM Glibc-based Linux systems should upgrade OpenSSH’s server due to a new bug (CVE-2024-6387) revealed by Qualys researchers. They discovered a race condition vulnerability that could lead to remote code execution, affecting potentially hundreds of thousands of instances. Systems running on OpenBSD are exempt, and Qualys recommends specific patches and network-based …

New regreSSHion OpenSSH RCE bug gives root on Linux servers

July 1, 2024 at 09:39AM A new OpenSSH vulnerability, known as “regreSSHion,” allows unauthenticated remote attackers to gain root privileges on glibc-based Linux systems. If exploited, it could lead to severe consequences such as system takeover and data manipulation. The vulnerability affects OpenSSH servers on Linux from version 8.5p1 up to version 9.8p1 and can …

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

July 1, 2024 at 08:06AM OpenSSH has issued security updates for a critical flaw enabling unauthenticated remote code execution with root privileges in glibc-based Linux systems. Dubbed CVE-2024-6387, the race condition bug affects versions 8.5p1 to 9.7p1, potentially leading to full system compromise. Users are urged to apply the latest patches and enforce network-based controls …

400,000 Linux Servers Hit by Ebury Botnet 

May 15, 2024 at 08:00AM The Ebury Linux botnet, active since 2009, has continued to grow, with over 100,000 infected systems in 2023, and it has impacted over 400,000 hosts. ESET reports that the operators are highly active, using various tactics to compromise and exploit servers, including targeting Tor exit nodes and cryptocurrency wallets. Key …

Supply Chain Attack: Major Linux Distributions Impacted by XZ Utils Backdoor

April 1, 2024 at 10:06AM Multiple major Linux distributions have been hit by a supply chain attack through XZ Utils data compression library, resulting in a backdoor for unauthenticated access. The attack affects various Linux distributions, with tools available to detect the malicious library. Reverting to an untainted version of XZ Utils eliminates the threat, …

SSH shaken, not stirred by Terrapin vulnerability

December 20, 2023 at 03:44AM The SSH protocol vulnerability, dubbed the Terrapin Attack, can be exploited in man-in-the-middle attacks to weaken SSH security. By injecting messages during the handshake and blocking certain messages, attackers can downgrade security, potentially compromising user credentials. Mitigations include software updates and disabling vulnerable encryption modes. Details were disclosed by computer …