OpenSSH's sshd server is vulnerable to CVE-2024-6387, which allows unauthenticated attackers to achieve remote code execution (RCE) on numerous targets.
Of 14 million internet-facing instances, 700,000 could be impacted by regreSSHion, a regression of CVE-2006-5051 introduced in OpenSSH 8.5p1.
Systems running glibc, especially 32-bit architectures, are at risk; OpenBSD systems are an exception due to a security tweak in 2001.
Qualys advises upgrading OpenSSH and highlights the importance of regression testing to prevent the reintroduction of known vulnerabilities.