Qualys TRU has identified a critical unauthenticated remote code execution vulnerability, CVE-2024-6387 ("regreSSHion"), in OpenSSH's server (sshd) on glibc-based Linux systems. It is a signal handler race condition: when a client fails to authenticate within LoginGraceTime, sshd's SIGALRM handler calls async-signal-unsafe functions such as syslog(), and an attacker who wins the race can get code execution as root. Qualys estimates millions of internet-facing SSH servers are potentially affected. The bug is a regression: the fix for CVE-2006-5051 was inadvertently removed in OpenSSH 8.5p1 (October 2020), so 8.5p1 through 9.7p1 are affected again, as are releases older than 4.4p1 that never got the original fix. OpenSSH 9.8p1 fixes it.
However, there's a silver lining. Winning the race takes on the order of 10,000 connection attempts: Qualys' proof of concept needed roughly six to eight hours against a 32-bit target with default LoginGraceTime and MaxStartups, and 64-bit exploitation (not publicly demonstrated yet) is expected to take considerably longer, plausibly weeks. Not all systems are affected either: OpenBSD is immune because its syslog_r() is async-signal-safe, and distributions that backported the fix may ship a patched sshd with an older version string. Rate-limiting new SSH connections per source at the firewall (or with tools like fail2ban) slows the attack dramatically, and setting LoginGraceTime 0 in sshd_config removes the race entirely, at the cost of exposing sshd to connection-exhaustion denial of service. Note that a WAF does nothing here; this is SSH, not HTTP.
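Two checks a defender will want right away, as an added example (not code from Qualys or the OpenSSH project): a banner-based version check against the upstream affected ranges, and a triage pass over sshd logs that counts "Timeout before authentication" messages per source, which pile up when someone is grinding through the race. The banner check cannot see distribution backports, so treat its result as a prompt to verify with your package manager, not as proof. The log lines and the 50-per-source threshold below are constructed for illustration; tune the threshold to your own baseline.

```python
import re
from collections import Counter

# Upstream affected ranges from the Qualys advisory: anything older than 4.4p1
# (unless CVE-2006-5051 / CVE-2008-4109 fixes were backported) and 8.5p1 up to,
# but not including, 9.8p1. OpenBSD's native sshd is not affected regardless.
VERSION_RE = re.compile(r"OpenSSH_(\d+)\.(\d+)(?:p(\d+))?")


def parse_openssh_version(banner):
    """Return (major, minor, portable_patch) from a banner such as
    'SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.3' or the output of `ssh -V`."""
    m = VERSION_RE.search(banner)
    if not m:
        raise ValueError(f"not an OpenSSH banner: {banner!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def upstream_version_affected(banner):
    """True if the advertised upstream version falls in a CVE-2024-6387 range.
    Caveat: distro backports (e.g. a patched 9.2p1) are invisible here."""
    v = parse_openssh_version(banner)
    if v < (4, 4, 1):
        return True
    return (8, 5, 1) <= v < (9, 8, 1)


# Message sshd logs from its grace-time (SIGALRM) handler. A burst of these from
# one source is the footprint of repeated race attempts.
TIMEOUT_RE = re.compile(
    r"sshd\[\d+\]: Timeout before authentication for (\S+)"
)


def timeout_storm_sources(log_lines, threshold=50):
    """Map source IP -> count for sources at or above `threshold` timeouts."""
    counts = Counter()
    for line in log_lines:
        m = TIMEOUT_RE.search(line)
        if m:
            counts[m.group(1)] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}


# Constructed sample log (assumption: syslog-style format, RFC 5737 addresses).
SAMPLE_LOG = [
    "Jul  1 10:00:01 bastion sshd[1201]: Accepted publickey for ops from 198.51.100.4 port 40012",
    "Jul  1 10:00:05 bastion sshd[1210]: Timeout before authentication for 198.51.100.4 port 40018",
] + [
    f"Jul  1 10:{i // 60:02d}:{i % 60:02d} bastion sshd[{1300 + i}]: "
    f"Timeout before authentication for 203.0.113.7 port {51000 + i}"
    for i in range(60)
] + [
    "Jul  1 10:02:00 bastion sshd[1400]: Connection closed by 203.0.113.7 port 51999 [preauth]",
]


if __name__ == "__main__":
    for banner in ("OpenSSH_9.6p1 Ubuntu-3ubuntu13.3", "OpenSSH_9.8p1", "OpenSSH_8.4p1"):
        print(banner, "-> affected" if upstream_version_affected(banner) else "-> not in range")
    print("timeout storms:", timeout_storm_sources(SAMPLE_LOG))
```

Run it on a real box with `ssh -V 2>&1` piped into the version check, and point the log scan at /var/log/auth.log or `journalctl -u ssh`; a single source producing dozens of grace-time timeouts warrants a block and a look at whether that host is still on a pre-9.8p1 build.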
Defenders, smash that upgrade button or risk getting chowned.
Qualys Security Advisory: https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt