REPRODUCIBILITY: N/A - OpenSSH vulnerability
OS VERSION: 4.6 ?
HARDWARE: N/A
UI LANGUAGE: All
REGRESSION: N/A
Is the OpenSSH version SFOS runs on vulnerable?
DESCRIPTION:
Copy paste from my work e-mail:
Summary:
Some versions of OpenSSH have a critical vulnerability. Patch is available. Mitigating measures are also out.
Status:
Qualys announced today (1 July 2024) a critical vulnerability in OpenSSH (CVE-2024-6387) [1] that allows authentication to be bypassed and code to be executed remotely with full privileges.
Exploitation assumes that a vulnerable installation of OpenSSH is network reachable and running on a glibc-based Linux distribution. The attack is highly complex and successful exploitation takes a long time (several hours). It is based on guessing memory addresses and will therefore be significantly easier to implement on 32-bit architecture than on 64-bit.
The vulnerability has not yet received a CVSS score, but we consider it critical as OpenSSH is very widespread and successful exploitation gives the attacker full access to affected systems.
The following products are vulnerable:
OpenSSH:
- All versions prior to 4.4p1
- All versions from 8.5p1 up to but not including 9.8p1
To our knowledge, the exploit code is not publicly available and we are not aware of the vulnerability being actively exploited.
However, the attack is thoroughly explained in a technical review from Qualys [2].
PRECONDITIONS:
STEPS TO REPRODUCE:
- N/A