mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
4.2 KiB
4.2 KiB
CVE-2024-6387
Description
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
POC
Reference
- http://seclists.org/fulldisclosure/2024/Jul/18
- http://seclists.org/fulldisclosure/2024/Jul/19
- http://www.openwall.com/lists/oss-security/2024/07/03/5
- http://www.openwall.com/lists/oss-security/2024/07/28/2
- https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
- https://github.com/zgzhang/cve-2024-6387-poc
- https://news.ycombinator.com/item?id=40843778
- https://santandersecurityresearch.github.io/blog/sshing_the_masses.html
- https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html
Github
- https://github.com/0xMarcio/cve
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/David-M-Berry/openssh-cve-discovery
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/GhostTroops/TOP
- https://github.com/GitHubForSnap/openssh-server-gael
- https://github.com/Ostorlab/KEV
- https://github.com/Passyed/regreSSHion-Fix
- https://github.com/TAM-K592/CVE-2024-6387
- https://github.com/ThemeHackers/CVE-2024-6387
- https://github.com/Threekiii/CVE
- https://github.com/TrojanAZhen/Self_Back
- https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix
- https://github.com/azurejoga/CVE-2024-6387-how-to-fix
- https://github.com/beac0n/ruroco
- https://github.com/bigb0x/CVE-2024-6387
- https://github.com/bigb0x/OpenSSH-Scanner
- https://github.com/cybereagle2001/KQL-Security-Querries
- https://github.com/enomothem/PenTestNote
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-
- https://github.com/kalvin-net/NoLimit-Secu-RegreSSHion
- https://github.com/lukibahr/stars
- https://github.com/maycon/stars
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/rxerium/stars
- https://github.com/ryanalieh/openSSH-scanner
- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSH
- https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH
- https://github.com/sardine-web/CVE-2024-6387_Check
- https://github.com/tanjiti/sec_profile
- https://github.com/teamos-hub/regreSSHion
- https://github.com/trailofbits/codeql-queries