Test ID:	1.3.6.1.4.1.25623.1.0.114680
Category:	General
Title:	OpenBSD OpenSSH < 4.4p1, 8.5p1 - 9.7p1 RCE Vulnerability (regreSSHion)
Summary:	OpenBSD OpenSSH is prone to a remote code execution (RCE); vulnerability dubbed 'regreSSHion'.
Description:	Summary: OpenBSD OpenSSH is prone to a remote code execution (RCE) vulnerability dubbed 'regreSSHion'. Vulnerability Insight: Vendor insights: 1) Race condition in sshd(8) A critical vulnerability in sshd(8) was present that may allow arbitrary code execution with root privileges. Successful exploitation has been demonstrated on 32-bit Linux/glibc systems with ASLR. Under lab conditions, the attack requires on average 6-8 hours of continuous connections up to the maximum the server will accept. Exploitation on 64-bit systems is believed to be possible but has not been demonstrated at this time. It's likely that these attacks will be improved upon. Exploitation on non-glibc systems is conceivable but has not been examined. Systems that lack ASLR or users of downstream Linux distributions that have modified OpenSSH to disable per-connection ASLR re-randomisation (yes - this is a thing, no - we don't understand why) may potentially have an easier path to exploitation. OpenBSD is not vulnerable. Affected Software/OS: OpenBSD OpenSSH versions prior to 4.4p1 (unless patched for CVE-2006-5051 and CVE-2008-4109) and 8.5p1 through 9.7p1. Solution: Update to version 9.8 or later. CVSS Score: 7.6 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-6387
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.