July 3, 2024 at 06:24AM Qualys discovered a critical OpenSSH vulnerability, CVE-2024-6387, known as regreSSHion, that allows unauthenticated attackers to execute remote code. More than 14 million OpenSSH instances are potentially vulnerable. Exploitation is challenging and not yet confirmed in the wild. While attempts have been made, Palo Alto Networks was unable to achieve remote … Read more
July 1, 2024 at 03:48PM A remote code execution vulnerability in OpenSSH, named “RegreSSHion,” allows attackers to take over Linux systems. The bug, with a CVSS score of 8.1, enables root access and poses significant security risks. Despite its challenging exploitability, the need for rigorous security measures and prompt patching is emphasized, with updates available … Read more
July 1, 2024 at 10:08AM Glibc-based Linux systems should upgrade OpenSSH’s server due to a new bug (CVE-2024-6387) revealed by Qualys researchers. They discovered a race condition vulnerability that could lead to remote code execution, affecting potentially hundreds of thousands of instances. Systems running on OpenBSD are exempt, and Qualys recommends specific patches and network-based … Read more
July 1, 2024 at 09:39AM A new OpenSSH vulnerability, known as “regreSSHion,” allows unauthenticated remote attackers to gain root privileges on glibc-based Linux systems. If exploited, it could lead to severe consequences such as system takeover and data manipulation. The vulnerability affects OpenSSH servers on Linux from version 8.5p1 up to version 9.8p1 and can … Read more