### [CVE-2024-6387](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6387)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%205&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Ceph%20Storage%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%206&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%207&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%208&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.0%20Update%20Services%20for%20SAP%20Solutions&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20Enterprise%20Linux%209.2%20Extended%20Update%20Support&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.13&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.14&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.15&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Red%20Hat%20OpenShift%20Container%20Platform%204.16&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Signal%20Handler%20Race%20Condition&color=brighgreen)

### Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

### POC

#### Reference
- http://seclists.org/fulldisclosure/2024/Jul/18
- http://seclists.org/fulldisclosure/2024/Jul/19
- http://www.openwall.com/lists/oss-security/2024/07/03/5
- http://www.openwall.com/lists/oss-security/2024/07/28/2
- https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
- https://github.com/zgzhang/cve-2024-6387-poc
- https://news.ycombinator.com/item?id=40843778
- https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
- https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html

#### Github
- https://github.com/0x4D31/cve-2024-6387_hassh
- https://github.com/0xMarcio/cve
- https://github.com/0xor0ne/awesome-list
- https://github.com/4lxprime/regreSSHive
- https://github.com/ACHUX21/checker-CVE-2024-6387
- https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387
- https://github.com/Andromeda254/cve
- https://github.com/AzrDll/CVE-2024-6387
- https://github.com/BitNixLLC/openssh-vulnerability-checker
- https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CiderAndWhisky/regression-scanner
- https://github.com/CognisysGroup/CVE-2024-6387-Checker
- https://github.com/CyberTapSolutions/CyberTapSolutions
- https://github.com/CyberTapSolutions/Vulnerability-Remediation-Linux
- https://github.com/David-M-Berry/openssh-cve-discovery
- https://github.com/DimaMend/cve-2024-6387-poc
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/FerasAlrimali/CVE-2024-6387-POC
- https://github.com/GhostTroops/TOP
- https://github.com/GitHubForSnap/openssh-server-gael
- https://github.com/HadesNull123/CVE-2024-6387_Check
- https://github.com/Jalexander798/JA_Tools-Cybersecurity-Resource-2
- https://github.com/JoranVanGoethem/NPE-Cybersecurity
- https://github.com/Karmakstylez/CVE-2024-6387
- https://github.com/Ketan-Agarwal/OperationShadowTrace
- https://github.com/MaulikxLakhani/SSHScout
- https://github.com/MrR0b0t19/CVE-2024-6387-Exploit-POC
- https://github.com/MrR0b0t19/CVE-6387-SSH-v2
- https://github.com/Mufti22/CVE-2024-6387-checkher
- https://github.com/MuhammadMuazen/thagarat
- https://github.com/OhDamnn/Noregressh
- https://github.com/Ostorlab/KEV
- https://github.com/P4x1s/CVE-2024-6387
- https://github.com/Passyed/regreSSHion-Fix
- https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit
- https://github.com/R4Tw1z/CVE-2024-6387
- https://github.com/RickGeex/CVE-2024-6387-Checker
- https://github.com/Rogilio/Hardening
- https://github.com/SecOps18/HTB_SecureServer
- https://github.com/Shasheen8/agent-Bando
- https://github.com/Sincan2/Sincan2
- https://github.com/SirSeoPro/12-01
- https://github.com/SkyGodling/CVE-2024-6387-POC
- https://github.com/Spyr026/Proyecto-Ciberseguridad
- https://github.com/Sucuri-Labs/CVE-2025-57819-ioc-check
- https://github.com/Symbolexe/CVE-2024-6387
- https://github.com/TAM-K592/CVE-2024-6387
- https://github.com/ThatNotEasy/CVE-2024-6387
- https://github.com/ThemeHackers/CVE-2024-6387
- https://github.com/Threekiii/CVE
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker
- https://github.com/YassDEV221608/CVE-2024-6387
- https://github.com/YassDEV221608/CVE-2024-6387_PoC
- https://github.com/ab-jonathankennard/nmap-ssh-regresshion
- https://github.com/acrono/cve-2024-6387-poc
- https://github.com/ahlfors/CVE-2024-6387
- https://github.com/ainfosec/tnok
- https://github.com/alex14324/ssh_poc2024
- https://github.com/almkuznetsov/sast-labs
- https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix
- https://github.com/alvarigno22/NodeClimb-DockerLab
- https://github.com/angelontny/botpress-aikyam
- https://github.com/anhvutuan/CVE-2024-6387-poc-1
- https://github.com/awusan125/test_for6387
- https://github.com/azurejoga/CVE-2024-6387-how-to-fix
- https://github.com/bachkhoasoft/awesome-list-ks
- https://github.com/beac0n/ruroco
- https://github.com/betancour/OpenSSH-Vulnerability-test
- https://github.com/bigb0x/CVE-2024-6387
- https://github.com/bigb0x/OpenSSH-Scanner
- https://github.com/caterscam/kepolomemek
- https://github.com/cleverg0d/CVEs
- https://github.com/cybereagle2001/KQL-Security-Querries
- https://github.com/d0rb/CVE-2024-6387
- https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook
- https://github.com/dawnl3ss/CVE-2024-6387
- https://github.com/devarshishimpi/CVE-2024-6387-Check
- https://github.com/dgourillon/mitigate-CVE-2024-6387
- https://github.com/dream434/CVE-2024-6387
- https://github.com/dream434/dream434
- https://github.com/edsonjt81/CVE-2024-6387_Check
- https://github.com/edsonjt81/https-github.com-gotr00t0day-OpenSSH-Scanner
- https://github.com/enomothem/PenTestNote
- https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker
- https://github.com/getdrive/CVE-2024-6387-PoC
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/grupooruss/CVE-2024-6387
- https://github.com/h3x0crypt/SpicyShell
- https://github.com/hackingyseguridad/ssha
- https://github.com/harshinsecurity/harshinsecurity
- https://github.com/harshinsecurity/sentinelssh
- https://github.com/havokzero/RustgreSSHion
- https://github.com/hssmo/cve-2024-6387_AImade
- https://github.com/identity-threat-labs/Article-RegreSSHion-CVE-2024-6387
- https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker
- https://github.com/imthenachoman/How-To-Secure-A-Linux-Server
- https://github.com/imv7/CVE-2024-6387
- https://github.com/imv7/LargeRaceCondition_SSH
- https://github.com/inikhilgitd/Basic-Vulnerability-Scan-on-Your-PC
- https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-
- https://github.com/jack0we/CVE-2024-6387
- https://github.com/jocker2410/CVE-2024-6387_poc
- https://github.com/kaluzaCSA/CAVEaT-STIX-Generator
- https://github.com/kalvin-net/NoLimit-Secu-RegreSSHion
- https://github.com/krlabs/openssh-vulnerabilities
- https://github.com/kubota/CVE-2024-6387-Vulnerability-Checker
- https://github.com/kuffsit/check_cve_2024_6387
- https://github.com/l-urk/CVE-2024-6387
- https://github.com/l0n3m4n/CVE-2024-6387
- https://github.com/lala-amber/CVE-2024-6387
- https://github.com/lflare/cve-2024-6387-poc
- https://github.com/lgturatti/techdrops
- https://github.com/lukibahr/stars
- https://github.com/maycon/stars
- https://github.com/moften/regreSSHion-CVE-2024-6387
- https://github.com/mrmtwoj/CVE-2024-6387
- https://github.com/muyuanlove/CVE-2024-6387fixshell
- https://github.com/n1cks0n/Test_CVE-2024-6387
- https://github.com/nholuongut/secure-a-linux-server
- https://github.com/nideaspl/vulnerbility
- https://github.com/no-one-sec/CVE-2024-6387
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/paradessia/CVE-2024-6387-nmap
- https://github.com/passwa11/cve-2024-6387-poc
- https://github.com/password123456/cve-security-response-guidelines
- https://github.com/pawan-shivarkar/List-of-CVE-s-
- https://github.com/pawan-shivarkar/pawan-shivarkar
- https://github.com/pawan971/pawan971
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/ppxl/harbor-cve-finder
- https://github.com/prelearn-code/CVE-2024-6387
- https://github.com/quiver/classmethod-devio-2024-basic-linux
- https://github.com/redux-sibi-jose/mitigate_ssh
- https://github.com/rumochnaya/openssh-cve-2024-6387.sh
- https://github.com/rxerium/stars
- https://github.com/ryanalieh/openSSH-scanner
- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSH
- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSL
- https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH
- https://github.com/s3kler/s3kler---regreSSHion
- https://github.com/sardine-web/CVE-2024-6387-template
- https://github.com/sardine-web/CVE-2024-6387_Check
- https://github.com/shamo0/CVE-2024-6387_PoC
- https://github.com/shyrwall/cve-2024-6387-poc
- https://github.com/sms2056/CVE-2024-6387
- https://github.com/ssep1ol/ansible-playbooks
- https://github.com/stephenmuema/regreSSHion
- https://github.com/sxlmnwb/CVE-2024-6387
- https://github.com/t3rry327/cve-2024-6387-poc
- https://github.com/tanjiti/sec_profile
- https://github.com/teamos-hub/regreSSHion
- https://github.com/th3gokul/CVE-2024-6387
- https://github.com/thegenetic/CVE-2024-6387-exploit
- https://github.com/trailofbits/codeql-queries
- https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker
- https://github.com/username317/hackthebox-Secure-Server-
- https://github.com/vitalii-moholivskyi/selected-cve-dataset-2024
- https://github.com/vkaushik-chef/regreSSHion
- https://github.com/whiterabb17/Oeliander
- https://github.com/wiggels/regresshion-check
- https://github.com/xaitax/CVE-2024-6387_Check
- https://github.com/xiw1ll/CVE-2024-6387_Checker
- https://github.com/xonoxitron/regreSSHion
- https://github.com/xonoxitron/regreSSHion-checker
- https://github.com/xristos8574/regreSSHion-nmap-scanner
- https://github.com/yellowdragonfire/Secure_server_HTB
- https://github.com/zenzue/CVE-2024-6387-Mitigation
- https://github.com/zgzhang/cve-2024-6387-poc
- https://github.com/zhanpengliu-tencent/medium-cve