Openssh: regresshion - race condition in ssh allows rce/dos 漏洞信息(CVE-2024-6387)

一、漏洞 CVE-2024-6387 基础信息

漏洞信息

                                        # OpenSSH：regresshion - SSH中的竞态条件导致RCE/DoS

## 漏洞概述
OpenSSH服务端(sshd)中发现了一个安全回归漏洞（CVE-2006-5051）。存在竞态条件（race condition），导致sshd在处理某些信号时方式不安全。未经身份验证的远程攻击者可能通过在设定时间内未能完成身份验证来触发此漏洞。

## 影响版本
未指定具体影响版本，但漏洞存在于OpenSSH的sshd中。

## 漏洞细节
此漏洞由竞态条件引起，导致sshd在处理某些信号时可能存在不安全的方式。如果远程攻击者在特定的时间段内未能完成身份验证，就可能触发该漏洞。

## 影响
未经身份验证的远程攻击者若在规定时间内未能完成身份验证，可能触发该漏洞。这可能导致sshd以不安全的方式处理信号，从而带来潜在的安全风险。

神龙判断

是否为 Web 类漏洞： 是

判断理由：

是。这个漏洞是CVE-2006-5051，存在于OpenSSH的服务器端组件sshd中。由于处理信号时存在竞争条件，未认证的远程攻击者可能通过在设定的时间内未完成认证来触发这一漏洞。这表明漏洞影响的是服务端的处理逻辑。

提示

尽管我们采用了先进的大模型技术，但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确，但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利！

漏洞标题

Openssh: regresshion - race condition in ssh allows rce/dos

来源：美国国家漏洞数据库 NVD

漏洞描述信息

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

来源：美国国家漏洞数据库 NVD

CVSS信息

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

来源：美国国家漏洞数据库 NVD

漏洞类别

信号处理例程中的竞争条件

来源：美国国家漏洞数据库 NVD

漏洞标题

OpenSSH 安全漏洞

来源：中国国家信息安全漏洞库 CNNVD

漏洞描述信息

OpenSSH（OpenBSD Secure Shell）是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现，支持对所有的传输进行加密，可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞，该漏洞源于信号处理程序中存在竞争条件，攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。

来源：中国国家信息安全漏洞库 CNNVD

CVSS信息

N/A

来源：中国国家信息安全漏洞库 CNNVD

漏洞类别

其他

来源：中国国家信息安全漏洞库 CNNVD

二、漏洞 CVE-2024-6387 的公开POC

#	POC 描述	源链接	神龙链接
1	a signal handler race condition in OpenSSH's server (sshd)	https://github.com/zgzhang/cve-2024-6387-poc	POC详情
2	None	https://github.com/acrono/cve-2024-6387-poc	POC详情
3	None	https://github.com/lflare/cve-2024-6387-poc	POC详情
4	Spirit - Network Pentest Tools CVE-2024-6387	https://github.com/theaog/spirit	POC详情
5	None	https://github.com/shyrwall/cve-2024-6387-poc	POC详情
6	None	https://github.com/getdrive/CVE-2024-6387-PoC	POC详情
7	SSHd cve-2024-6387-poc	https://github.com/FerasAlrimali/CVE-2024-6387-POC	POC详情
8	None	https://github.com/passwa11/cve-2024-6387-poc	POC详情
9	None	https://github.com/jack0we/CVE-2024-6387	POC详情
10	CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH	https://github.com/xaitax/CVE-2024-6387_Check	POC详情
11	Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2006-5051 , CVE-2008-4109 and others.	https://github.com/bigb0x/CVE-2024-6387	POC详情
12	CLI Tool to Check SSH Servers for Vulnerability to CVE-2024-6387	https://github.com/wiggels/regresshion-check	POC详情
13	SSH RCE PoC CVE-2024-6387	https://github.com/3yujw7njai/CVE-2024-6387	POC详情
14	OpenSSH CVE-2024-6387 Vulnerability Checker	https://github.com/betancour/OpenSSH-Vulnerability-test	POC详情
15	None	https://github.com/zgimszhd61/cve-2024-6387-poc	POC详情
16	None	https://github.com/yya1233/CVE-2024-6387-Updated-SSH-RCE	POC详情
17	None	https://github.com/muyuanlove/CVE-2024-6387fixshell	POC详情
18	Recently, the OpenSSH maintainers released security updates to fix a critical vulnerability that could lead to unauthenticated remote code execution (RCE) with root privileges. This vulnerability, identified as CVE-2024-6387, resides in the OpenSSH server component (sshd), which is designed to listen for connections from client applications.	https://github.com/TAM-K592/CVE-2024-6387	POC详情
19	This is a POC I wrote for CVE-2024-6387	https://github.com/teamos-hub/regreSSHion	POC详情
20	None	https://github.com/Maikefee/CVE-2024-6387_Check.py	POC详情
21	None	https://github.com/ahlfors/CVE-2024-6387	POC详情
22	None	https://github.com/Mufti22/CVE-2024-6387-checkher	POC详情
23	CVE-2024-6387 exploit	https://github.com/thegenetic/CVE-2024-6387-exploit	POC详情
24	RCE OpenSSH CVE-2024-6387 Check	https://github.com/HadesNull123/CVE-2024-6387_Check	POC详情
25	This script, created by R4Tw1z, is designed to scan IP addresses to check if they are running a potentially vulnerable version of OpenSSH. The tool leverages multi-threading to optimize scanning performance and handle multiple IP addresses concurrently.	https://github.com/R4Tw1z/CVE-2024-6387	POC详情
26	This Python script exploits a remote code execution vulnerability (CVE-2024-6387) in OpenSSH.	https://github.com/d0rb/CVE-2024-6387	POC详情
27	None	https://github.com/oliferFord/CVE-2024-6387-SSH-RCE	POC详情
28	Used to detect ssh servers vulnerable to CVE-2024-6387. Shameless robbery from https://github.com/bigb0x/CVE-2024-6387 using ChatGPT to translate the code to PHP.	https://github.com/CiderAndWhisky/regression-scanner	POC详情
29	Script for checking CVE-2024-6387 (regreSSHion)	https://github.com/shamo0/CVE-2024-6387_PoC	POC详情
30	CVE-2024-6387-nmap	https://github.com/paradessia/CVE-2024-6387-nmap	POC详情
31	This Go program scans targets for CVE-2024-6387 in OpenSSH, categorizing servers by vulnerability status and port availability.	https://github.com/SecWithMoh/CVE-2024-6387	POC详情
32	Private x64 RCE exploit for CVE-2024-6387 [02.07.2024] from exploit.in	https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit	POC详情
33	None	https://github.com/k4t3pr0/CVE-2024-6387-POC	POC详情
34	An Ansible Playbook to mitigate the risk of RCE (CVE-2024-6387) until platforms update OpenSSH to a non-vulnerable version.	https://github.com/DanWiseProgramming/CVE-2024-6387-Mitigation-Ansible-Playbook	POC详情
35	openssh-cve-2024-6387.sh	https://github.com/rumochnaya/openssh-cve-2024-6387.sh	POC详情
36	Mitigation Guide for CVE-2024-6387 in OpenSSH	https://github.com/zenzue/CVE-2024-6387-Mitigation	POC详情
37	None	https://github.com/devarshishimpi/CVE-2024-6387-Check	POC详情
38	cve-2024-6387_AImade	https://github.com/hssmo/cve-2024-6387_AImade	POC详情
39	None	https://github.com/ACHUX21/checker-CVE-2024-6387	POC详情
40	CVE-2024-6387 with auto ip scanner and auto expliot	https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387	POC详情
41	A bash script for nmap to scan for vulnerable machines in regards to the latest CVE-2024-6387	https://github.com/xristos8574/regreSSHion-nmap-scanner	POC详情
42	CVE-2024-6387 (regreSSHion) Exploit (PoC), a vulnerability in OpenSSH's server (sshd) on glibc-based Linux systems.	https://github.com/xonoxitron/regreSSHion	POC详情
43	开箱即用的AK47	https://github.com/no-one-sec/CVE-2024-6387	POC详情
44	None	https://github.com/dawnl3ss/CVE-2024-6387	POC详情
45	None	https://github.com/MrR0b0t19/CVE-2024-6387-Exploit-POC	POC详情
46	CVE-2024-6387 : Vulnerability Detection tool for regreSSHion Remote Unauthenticated Code Execution in OpenSSH Server	https://github.com/th3gokul/CVE-2024-6387	POC详情
47	Test_CVE-2024-6387 is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH	https://github.com/n1cks0n/Test_CVE-2024-6387	POC详情
48	PoC - Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)	https://github.com/l0n3m4n/CVE-2024-6387	POC详情
49	CVE-2024-6387-Check is a streamlined and efficient tool created to detect servers operating on vulnerable versions of OpenSSH.	https://github.com/RickGeex/CVE-2024-6387-Checker	POC详情
50	Quickly identifies servers vulnerable to OpenSSH 'regreSSHion' (CVE-2024-6387).	https://github.com/xonoxitron/regreSSHion-checker	POC详情
51	None	https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template	POC详情
52	None	https://github.com/edsonjt81/CVE-2024-6387_Check	POC详情
53	None	https://github.com/EkaterinaMarchetti/CVE-2024-6387-regreSSHion-Checker	POC详情
54	regreSSHion vulnerability in OpenSSH CVE-2024-6387 Testing Script	https://github.com/grupooruss/CVE-2024-6387-Tester	POC详情
55	None	https://github.com/CognisysGroup/CVE-2024-6387-Checker	POC详情
56	Targeting a signal handler race condition in OpenSSH's server (sshd) on glibc-based Linux systems.	https://github.com/sxlmnwb/CVE-2024-6387	POC详情
57	SSH Exploit for CVE-2024-6387 : RCE in OpenSSH's server, on glibc-based Linux systems	https://github.com/Symbolexe/CVE-2024-6387	POC详情
58	SentinelSSH is an advanced, high-performance SSH vulnerability scanner written in Go. It's specifically designed to detect the CVE-2024-6387 vulnerability in OpenSSH servers across various network environments.	https://github.com/harshinsecurity/sentinelssh	POC详情
59	None	https://github.com/t3rry327/cve-2024-6387-poc	POC详情
60	None	https://github.com/jocker2410/CVE-2024-6387_poc	POC详情
61	CVE-2024-6387_Check 是一款轻量级、高效的工具，旨在识别运行易受攻击的 OpenSSH 版本的服务器，专门针对最近发现的regreSSHion漏洞 (CVE-2024-6387)。此脚本有助于快速扫描多个 IP 地址、域名和 CIDR 网络范围，以检测潜在漏洞并确保您的基础设施安全。	https://github.com/JackSparrowhk/ssh-CVE-2024-6387-poc	POC详情
62	Welcome to the CVE-2024-6387 OpenSSH Vulnerability Checker repository! This project offers multiple scripts to check the installed version of OpenSSH on your system and determine if it is vulnerable to CVE-2024-6387. It supports various environments, including Ubuntu, Mac, and Windows.	https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker	POC详情
63	None	https://github.com/sms2056/CVE-2024-6387	POC详情
64	Provides instructions for using the script to check if your OpenSSH installation is vulnerable to CVE-2024-6387	https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-	POC详情
65	None	https://github.com/lala-amber/CVE-2024-6387	POC详情
66	rewrited SSH Exploit for CVE-2024-6387 (regreSSHion)	https://github.com/4lxprime/regreSSHive	POC详情
67	A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.	https://github.com/sardine-web/CVE-2024-6387_Check	POC详情
68	HASSH fingerprints for identifying OpenSSH servers potentially vulnerable to CVE-2024-6387 (regreSSHion).	https://github.com/0x4D31/cve-2024-6387_hassh	POC详情
69	CVE-2024-6387-Check es una herramienta ligera y eficiente diseñada para identificar servidores que ejecutan versiones vulnerables de OpenSSH, específicamente el fallo de seguridad conocido como regreSSHion (CVE-2024-6387). Este script facilita el análisis rápido de múltiples direcciones IP, nombres de dominio y rangos de red CIDR.	https://github.com/Segurmatica/CVE-2024-6387-CHECK	POC详情
70	Quick regreSSHion checker (based on software version) for nuclei CVE-2024-6387	https://github.com/sardine-web/CVE-2024-6387-template	POC详情
71	None	https://github.com/imv7/CVE-2024-6387	POC详情
72	CVE-2024-6387 SSH finder	https://github.com/SiberianHacker/CVE-2024-6387-Finder	POC详情
73	Correção e Atualização do OpenSSH para CVE-2024-6387	https://github.com/dgicloud/patch_regreSSHion	POC详情
74	Vulnerability remediation and mitigationCVE-2024-6387	https://github.com/azurejoga/CVE-2024-6387-how-to-fix	POC详情
75	regreSSHion vulnerability in OpenSSH CVE-2024-6387 Testing Script	https://github.com/grupooruss/CVE-2024-6387	POC详情
76	Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)	https://github.com/asterictnl-lvdw/CVE-2024-6387	POC详情
77	Chef Inspec profile for checking regreSSHion vulnerability CVE-2024-6387	https://github.com/vkaushik-chef/regreSSHion	POC详情
78	None	https://github.com/dgourillon/mitigate-CVE-2024-6387	POC详情
79	None	https://github.com/mrmtwoj/CVE-2024-6387	POC详情
80	This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.	https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker	POC详情
81	This Rust Code is designed to check SSH servers for the CVE-2024-6387 vulnerability	https://github.com/kubota/CVE-2024-6387-Vulnerability-Checker	POC详情
82	None	https://github.com/DimaMend/cve-2024-6387-poc	POC详情
83	Bulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2024-6409, CVE-2006-5051, CVE-2008-4109, and 16 other CVEs.	https://github.com/bigb0x/SSH-Scanner	POC详情
84	CVE-2024-6387, also known as RegreSSHion, is a high-severity vulnerability found in OpenSSH servers (sshd) running on glibc-based Linux systems. It is a regression of a previously fixed vulnerability (CVE-2006-5051), which means the issue was reintroduced in newer versions of OpenSSH.	https://github.com/ThemeHackers/CVE-2024-6387	POC详情
85	OpenSSH vulnerability CVE-2024-6387	https://github.com/Sibijo/mitigate_ssh	POC详情
86	Fix for regreSSHion CVE-2024-6387 for Ubuntu and Debian	https://github.com/Passyed/regreSSHion-Fix	POC详情
87	Lỗ hổng thực thi mã không được xác thực từ xa trong máy chủ OpenSSH	https://github.com/k4t3pr0/CVE-2024-6387-Check	POC详情
88	Script to address CVE-2024-6387 by changing the LoginGraceTime in sshd.	https://github.com/liqhtnd/sshd-logingracetime0	POC详情
89	OpenSSH a publié un avis de sécurité concernant la vulnérabilité critique CVE-2024-6387. Cette vulnérabilité permet à un attaquant non authentifié d'exécuter du code arbitraire	https://github.com/Jhonsonwannaa/CVE-2024-6387	POC详情
90	OpenSSH RCE Massive Vulnerable Scanner	https://github.com/ThatNotEasy/CVE-2024-6387	POC详情
91	None	https://github.com/W1hithat/CVE-2024-6387	POC详情
92	None	https://github.com/prelearn-code/CVE-2024-6387	POC详情
93	proof of concept python script for regreSSHion exploit	https://github.com/l-urk/CVE-2024-6387	POC详情
94	An exploit for CVE-2024-6387, targeting a signal handler race condition in OpenSSH's server	https://github.com/alex14324/ssh_poc2024	POC详情
95	Proof of concept python script for regreSSHion exploit. Version 0.1.0.	https://github.com/l-urk/CVE-2024-6387-L	POC详情
96	CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH.	https://github.com/niktoproject/CVE-202406387_Check.py	POC详情
97	None	https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH	POC详情
98	A Bash script to mitigate the CVE-2024-6387 vulnerability in OpenSSH by providing an option to upgrade to a secure version or apply a temporary workaround. This repository helps secure systems against potential remote code execution risks associated with affected OpenSSH versions.	https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix	POC详情
99	This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.	https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker	POC详情
100	In an era where digital security is crucial, a new vulnerability in OpenSSH, identified as CVE-2024-6387, has drawn the attention of system administrators and security professionals worldwide. Named "regreSSHion," this severe security flaw allows remote code execution (RCE) and could significant threat to the integrity of vulnerable systems.	https://github.com/identity-threat-labs/Article-RegreSSHion-CVE-2024-6387	POC详情
101	An Ansible Playbook to mitigate the risk of RCE (CVE-2024-6387) until platforms update OpenSSH to a non-vulnerable version.	https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook	POC详情
102	OpenSSH a publié un avis de sécurité concernant la vulnérabilité critique CVE-2024-6387. Cette vulnérabilité permet à un attaquant non authentifié d'exécuter du code arbitraire	https://github.com/dream434/CVE-2024-6387	POC详情
103	None	https://github.com/skysaints/CVE-2024-6387-POC	POC详情
104	None	https://github.com/skyalliance/CVE-2024-6387-POC	POC详情
105	None	https://github.com/YassDEV221608/CVE-2024-6387	POC详情
106	Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)	https://github.com/oxapavan/CVE-2024-6387	POC详情
107	None	https://github.com/zql-gif/CVE-2024-6387	POC详情
108	test code for cve-2024-6387	https://github.com/awusan125/test_for6387	POC详情
109	CVE-2024-6387, also known as RegreSSHion, is a high-severity vulnerability found in OpenSSH servers (sshd) running on glibc-based Linux systems. It is a regression of a previously fixed vulnerability (CVE-2006-5051), which means the issue was reintroduced in newer versions of OpenSSH.	https://github.com/anhvutuan/CVE-2024-6387-poc-1	POC详情
110	None	https://github.com/YassDEV221608/CVE-2024-6387_PoC	POC详情
111	Script to address CVE-2024-6387 by changing the LoginGraceTime in sshd.	https://github.com/liqhtnd/sshd-logingracetime	POC详情
112	This is an altered PoC for d0rb/CVE-2024-6387. This takes glibc addresses and trys to exploit the CVE through them.	https://github.com/AzrDll/CVE-2024-6387	POC详情
113	None	https://github.com/SkyGodling/CVE-2024-6387-POC	POC详情
114	Remote Unauthenticated Code Execution Vulnerability in OpenSSH server (CVE-2024-6387)	https://github.com/Karmakstylez/CVE-2024-6387	POC详情
115	SSH RCE PoC CVE-2024-6387	https://github.com/AiK1d/CVE-2024-6387	POC详情
116	OpenSSH vulnerability CVE-2024-6387	https://github.com/redux-sibi-jose/mitigate_ssh	POC详情
117	Nuclei template to detect CVE-2024-6387. All latest patched versions are excluded.	https://github.com/xiw1ll/CVE-2024-6387_Checker	POC详情
118	CVE-2024-6387	https://github.com/moften/regreSSHion-CVE-2024-6387	POC详情
119	SSH RCE PoC CVE-2024-6387	https://github.com/P4x1s/CVE-2024-6387	POC详情
120	CVE-2024-6387 Exploit mit Reverse/Bind-Shell Support.	https://github.com/OhDamnn/Noregressh	POC详情
121	Relatório de Pentest Full-Scope (Black Box) focado em Red Team. Análise de segurança Web (SQL Injection, XSS), Wireless (WEP/WPA2), Evasão de Firewall (IP Fragmentation) e Exploração de RCE em OpenSSH (CVE-2024-6387).	https://github.com/arielrbrdev/redteamlab1	POC详情
122	This is an altered PoC for d0rb/CVE-2024-6387. This takes glibc addresses and trys to exploit the CVE through them.	https://github.com/kinu404/CVE-2024-6387	POC详情
123	None	https://github.com/Ngagne-Demba-Dia/CVE-2024-6387-corrigee	POC详情

三、漏洞 CVE-2024-6387 的情报信息

http://www.openwall.com/lists/oss-security/2024/07/09/5
http://www.openwall.com/lists/oss-security/2024/07/28/2
https://support.apple.com/kb/HT214119
http://www.openwall.com/lists/oss-security/2024/07/28/3
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc
http://www.openwall.com/lists/oss-security/2024/07/23/6
http://www.openwall.com/lists/oss-security/2024/07/03/2
http://seclists.org/fulldisclosure/2024/Jul/19
https://ubuntu.com/security/CVE-2024-6387
http://www.openwall.com/lists/oss-security/2024/07/08/2
https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09
https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html
https://sig-security.rocky.page/issues/CVE-2024-6387/
http://www.openwall.com/lists/oss-security/2024/07/11/1
https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc
http://www.openwall.com/lists/oss-security/2024/07/01/12
http://www.openwall.com/lists/oss-security/2024/07/03/1
http://www.openwall.com/lists/oss-security/2024/07/03/4

标题： RegreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems | Hacker News -- 🔗来源链接

标签：

神龙速读：

                                        该链接的内容为空，无法处理。

RegreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems | Hacker News

https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/
https://security.netapp.com/advisory/ntap-20240701-0001/
http://www.openwall.com/lists/oss-security/2024/07/03/11
https://github.com/oracle/oracle-linux/issues/149
http://www.openwall.com/lists/oss-security/2024/07/10/1
https://forum.vmssoftware.com/viewtopic.php?f=8&t=9132
https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html
标题： regreSSHion: Uncovering CVE-2024-6387 in OpenSSH - A Critical Vulnerability | Splunk -- 🔗来源链接
标签：
标题： Security Advisory 0100 - Arista -- 🔗来源链接
标签：
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
https://github.com/Azure/AKS/issues/4379
https://support.apple.com/kb/HT214118
https://github.com/PowerShell/Win32-OpenSSH/discussions/2248
https://github.com/AlmaLinux/updates/issues/629
http://seclists.org/fulldisclosure/2024/Jul/18
https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/
http://www.openwall.com/lists/oss-security/2024/07/01/13
http://www.openwall.com/lists/oss-security/2024/07/23/4
http://www.openwall.com/lists/oss-security/2024/07/11/3
http://www.openwall.com/lists/oss-security/2024/07/10/2
http://www.openwall.com/lists/oss-security/2024/07/10/4
https://support.apple.com/kb/HT214120
https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/
http://www.openwall.com/lists/oss-security/2024/07/02/1
标题： Nasty regreSSHion bug affects around 700K Linux systems • The Register -- 🔗来源链接
标签：

标题： CVE-2024-6387 -- 🔗来源链接

标签：

神龙速读：

                                        CVE: CVE-2024-6387

**Description:**
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

**Source:**
CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

**References:**
DSA-5724-1

**Vulnerable and Fixed Packages:**

| Source Package  | Release                          | Version               | Status    |
|-----------------|----------------------------------|-----------------------|-----------|
| openssh (PTS)   | bullseye                         | 1:8.4p1-5+deb11u3     | fixed     |
|                 | bullseye (security)              | 1:8.4p1-5+deb11u5     | fixed     |
|                 | bookworm                         | 1:9.2p1-2+deb12u7     | fixed     |
|                 | bookworm (security)              | 1:9.2p1-2+deb12u5     | fixed     |
|                 | trixie                           | 1:10.0p1-7            | fixed     |
|                 | forky, sid                       | 1:10.2p1-2            | fixed     |

**Fixed Versions:**

| Package  | Type    | Release    | Fixed Version        | Urgency | Origin    | Debian Bugs    |
|----------|---------|------------|----------------------|---------|-----------|----------------|
| openssh  | source  | bullseye   | (not affected)       |         |           |                |
| openssh  | source  | bookworm   | 1:9.2p1-2+deb12u3    |         | DSA-5724-1|                |
| openssh  | source  | (unstable) | 1:9.7p1-7            |         |           |                |

**Notes:**
- [bullseye] - openssh <not-affected> (Vulnerable code introduced later)
- Introduced with: [https://github.com/openssh/openssh-portable/commit/752250caabda3dd24635503c4cd689b32a650794](https://github.com/openssh/openssh-portable/commit/752250caabda3dd24635503c4cd689b32a650794) (V_8_5_P1)
- Fixed by: [https://github.com/openssh/openssh-portable/commit/81c1099d22b81ebfd20a334ce986c4f753b0db29](https://github.com/openssh/openssh-portable/commit/81c1099d22b81ebfd20a334ce986c4f753b0db29) (V_9_8_P1)
- [https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html](https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html)
- [https://www.openwall.com/lists/oss-security/2024/07/01/1](https://www.openwall.com/lists/oss-security/2024/07/01/1)
- [https://www.qualys.com/2024/07/01/cve-2024-6387/regresssion.txt](https://www.qualys.com/2024/07/01/cve-2024-6387/regresssion.txt)

https://github.com/rapier1/hpn-ssh/issues/87
https://www.openssh.com/txt/release-9.8
http://www.openwall.com/lists/oss-security/2024/07/03/3
http://www.openwall.com/lists/oss-security/2024/07/08/3
http://www.openwall.com/lists/oss-security/2024/07/10/3
https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do
标题： CVE-2024-6387 Common Vulnerabilities and Exposures | SUSE -- 🔗来源链接
标签：
http://www.openwall.com/lists/oss-security/2024/07/04/2
http://www.openwall.com/lists/oss-security/2024/07/04/1
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010
https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
http://www.openwall.com/lists/oss-security/2024/07/10/6
http://seclists.org/fulldisclosure/2024/Jul/20
https://ubuntu.com/security/notices/USN-6859-1
https://explore.alas.aws.amazon.com/CVE-2024-6387.html
https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/
https://github.com/microsoft/azurelinux/issues/9555
https://access.redhat.com/security/cve/CVE-2024-6387vdb-entryx_refsource_REDHAT
https://github.com/zgzhang/cve-2024-6387-poc
http://www.openwall.com/lists/oss-security/2024/07/09/2
https://github.com/PowerShell/Win32-OpenSSH/issues/2249
http://www.openwall.com/lists/oss-security/2024/07/03/5
https://bugzilla.redhat.com/show_bug.cgi?id=2294604issue-trackingx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4389vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4479vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4312vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4474vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4340vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4469vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4484vendor-advisoryx_refsource_REDHAT
https://nvd.nist.gov/vuln/detail/CVE-2024-6387

四、漏洞 CVE-2024-6387 的评论

暂无评论

支持本站 — 捐款将帮助我们持续运营

一、漏洞 CVE-2024-6387 基础信息

漏洞信息

神龙判断

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2024-6387 的公开POC

三、漏洞 CVE-2024-6387 的情报信息

四、漏洞 CVE-2024-6387 的评论

发表评论

支持本站 — 捐款将帮助我们持续运营

一、 漏洞 CVE-2024-6387 基础信息

漏洞信息

神龙判断

提示

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

漏洞标题

漏洞描述信息

CVSS信息

漏洞类别

二、漏洞 CVE-2024-6387 的公开POC

三、漏洞 CVE-2024-6387 的情报信息

四、漏洞 CVE-2024-6387 的评论

发表评论

一、漏洞 CVE-2024-6387 基础信息