关联漏洞
标题:
OpenSSH 安全漏洞
(CVE-2024-6387)
描述:OpenSSH(OpenBSD Secure Shell)是加拿大OpenBSD计划组的一套用于安全访问远程计算机的连接工具。该工具是SSH协议的开源实现,支持对所有的传输进行加密,可有效阻止窃听、连接劫持以及其他网络级的攻击。 OpenSSH 存在安全漏洞,该漏洞源于信号处理程序中存在竞争条件,攻击者利用该漏洞可以在无需认证的情况下远程执行任意代码并获得系统控制权。
描述
A Bash script to mitigate the CVE-2024-6387 vulnerability in OpenSSH by providing an option to upgrade to a secure version or apply a temporary workaround. This repository helps secure systems against potential remote code execution risks associated with affected OpenSSH versions.
介绍
# CVE-2024-6387 OpenSSH Vulnerability Mitigation Script
## Overview
This Bash script is designed to help mitigate the CVE-2024-6387 vulnerability in OpenSSH. The vulnerability affects certain versions of OpenSSH and can potentially allow remote unauthenticated attackers to execute arbitrary code on your system. This script gives you the option to upgrade to a safe version of OpenSSH or apply a temporary fix to reduce the risk of exploitation.
### Affected Versions
- **Vulnerable Versions:**
- OpenSSH versions earlier than 4.4p1 are vulnerable unless patched for CVE-2006-5051 and CVE-2008-4109.
- Versions from 8.5p1 up to, but not including, 9.8p1 are vulnerable due to the reintroduction of a critical issue.
- **Safe Versions:**
- Versions from 4.4p1 to 8.5p1 are not vulnerable due to a patch that was applied in these versions.
- Versions 9.8p1 and later include the necessary fixes.
## Script Features
- **Version Check:**
- The script checks your current OpenSSH version to determine if it is vulnerable.
- **Upgrade Option:**
- If your version is vulnerable, the script prompts you to upgrade OpenSSH to the latest secure version.
- **Temporary Fix:**
- If you choose not to upgrade, the script applies a temporary workaround by modifying the `sshd_config` file to reduce the attack surface.
- **User Notifications:**
- The script concludes by advising on best practices for securing your SSH service.
## Usage
1. **Download and Save the Script:**
- Save the script to your local machine with a name like `fix_cve_2024_6387.sh`.
2. **Make the Script Executable:**
- Run the following command to make the script executable:
```bash
chmod +x fix_cve_2024_6387.sh
```
3. **Run the Script with Root Privileges:**
- Execute the script using `sudo` to ensure it has the necessary permissions:
```bash
sudo ./fix_cve_2024_6387.sh
```
4. **Follow the Prompts:**
- If your OpenSSH version is vulnerable, the script will prompt you to upgrade. You can choose to upgrade or apply the temporary fix.
## Important Notes
- **Backup:** It is always recommended to backup your SSH configuration files and other important data before running any scripts that modify system settings.
- **Monitoring:** After applying the fix or upgrading, monitor your SSH logs for any unusual activity and ensure that your SSH service is restricted to trusted networks.
- **Key-Based Authentication:** For enhanced security, use key-based authentication instead of password-based authentication.
## License
This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
## Contributing
If you find any issues or have suggestions for improvements, feel free to submit a pull request or open an issue.
文件快照
[4.0K] /data/pocs/c43e01a1b2d37f9a30001ff04c6022896e96e251
├── [2.4K] fix_cve_2024_6387.sh
├── [1.0K] LICENSE
└── [2.7K] README.md
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。