all InfoSec News
CVE-2024-6387 – Shields Up Against RegreSSHion
Malware Analysis, News and Indicators - Latest topics malware.news
On July 1st, the Qualys’s security team announced CVE-2024-6387, a remotely exploitable vulnerability in the OpenSSH server. This critical vulnerability is nicknamed “regreSSHion” because the root cause is an accidental removal of code that fixed a much earlier vulnerability CVE-2006-5051 back in 2006. The race condition affects the default configuration of sshd (the daemon program for SSH).
OpenSSH versions older than 4.4p1 – unless patched for previous CVE-2006-5051 and CVE-2008-4109) – and versions between 8.5p1 and 9.8p1 …
back code configuration critical critical vulnerability cve cve-2024 cve-2024-6387 daemon default july openssh openssh server qualys race race condition regresshion root security security team server shields up sshd team vulnerability