Researchers have uncovered a serious remote code execution vulnerability in the Open Secure Shell (OpenSSH) server that could let unauthenticated attackers obtain a root shell on servers and take them over. Through internet scanning services like Shodan and Censys, Qualys researchers identified over 14 million potentially vulnerable OpenSSH instances that were exposed to the internet.
The flaw, tracked as CVE-2024-6387, has been dubbed regreSSHion because it is a regression of an older flaw — CVE-2006-5051 — patched in the popular software 18 years ago.
“A regression in this context means that a flaw, once fixed, has reappeared in a subsequent software release, typically due to changes or updates that inadvertently reintroduce the issue,” said Qualys researchers who discovered the vulnerability. “This incident highlights the crucial role of thorough regression testing to prevent the reintroduction of known vulnerabilities into the environment. This regression was introduced in October 2020 (OpenSSH 8.5p1).”
Continue reading on CSO.
Source:: Network World