A severe vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

  • lemmyvore
    177 days ago

    Last I read about it, it required connecting for 6-7 hours continuously on 32-bit systems, and it’s unknown how long it would take on 64-bit.

      • @[email protected]
        56 days ago

        But, eventually exploitable is still a pretty major concern for anybody who has systems running longer than a few days at a time.

        • TmpodOP
          36 days ago

          True, an RCE is always a serious thing. Just saying it’s not exactly catastrophic like others have been more so.

        • @whereisk
          26 days ago

          I can’t imagine any system of influence running an exposed ssh without some further protection from connection abuse like fail2ban.

      • @[email protected]
        6 days ago

        Reminds me of the node-ip guy making the repo read-only because of amateur researchers filling up CVEs

  • @recapitated
    617 days ago

    I always use my ssh server for remote code execution.