Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2024-6387

Description

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

POC

Reference

- http://www.openwall.com/lists/oss-security/2024/07/03/5

- http://www.openwall.com/lists/oss-security/2024/07/28/2

- https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

- https://github.com/zgzhang/cve-2024-6387-poc

- https://news.ycombinator.com/item?id=40843778

- https://santandersecurityresearch.github.io/blog/sshing_the_masses.html

- https://www.exploit-db.com/exploits/52269

- https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html

- https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387

Github

- https://github.com/0x4D31/cve-2024-6387_hassh

- https://github.com/0xMarcio/cve

- https://github.com/0xor0ne/awesome-list

- https://github.com/20142995/nuclei-templates

- https://github.com/3yujw7njai/CVE-2024-6387

- https://github.com/4lxprime/regreSSHive

- https://github.com/ACHUX21/checker-CVE-2024-6387

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387

- https://github.com/AiK1d/CVE-2024-6387

- https://github.com/Andromeda254/cve

- https://github.com/AzrDll/CVE-2024-6387

- https://github.com/BitNixLLC/openssh-vulnerability-checker

- https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CiderAndWhisky/regression-scanner

- https://github.com/CognisysGroup/CVE-2024-6387-Checker

- https://github.com/Cosmian/cosmian_vm

- https://github.com/CyberTapSolutions/CyberTapSolutions

- https://github.com/CyberTapSolutions/Vulnerability-Remediation-Linux

- https://github.com/DanWiseProgramming/CVE-2024-6387-Mitigation-Ansible-Playbook

- https://github.com/David-M-Berry/openssh-cve-discovery

- https://github.com/DimaMend/cve-2024-6387-poc

- https://github.com/EGI-Federation/SVG-advisories

- https://github.com/FerasAlrimali/CVE-2024-6387-POC

- https://github.com/GhostTroops/TOP

- https://github.com/GitHubForSnap/openssh-server-gael

- https://github.com/HadesNull123/CVE-2024-6387_Check

- https://github.com/Jalexander798/JA_Tools-Cybersecurity-Resource-2

- https://github.com/Jhonsonwannaa/CVE-2024-6387

- https://github.com/Jhonsonwannaa/Jhonsonwannaa

- https://github.com/JoranVanGoethem/NPE-Cybersecurity

- https://github.com/Karmakstylez/CVE-2024-6387

- https://github.com/Ketan-Agarwal/OperationShadowTrace

- https://github.com/Maikefee/CVE-2024-6387_Check.py

- https://github.com/MaulikxLakhani/SSHScout

- https://github.com/MrR0b0t19/CVE-2024-6387-Exploit-POC

- https://github.com/MrR0b0t19/CVE-6387-SSH-v2

- https://github.com/Mufti22/CVE-2024-6387-checkher

- https://github.com/MuhammadMuazen/thagarat

- https://github.com/NathanielChit/my-awesome-stars

- https://github.com/OhDamnn/Noregressh

- https://github.com/Ostorlab/KEV

- https://github.com/P4x1s/CVE-2024-6387

- https://github.com/Passyed/regreSSHion-Fix

- https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/R4Tw1z/CVE-2024-6387

- https://github.com/RickGeex/CVE-2024-6387-Checker

- https://github.com/Rogilio/Hardening

- https://github.com/SecOps18/HTB_SecureServer

- https://github.com/SecWithMoh/CVE-2024-6387

- https://github.com/Segurmatica/CVE-2024-6387-CHECK

- https://github.com/Shasheen8/agent-Bando

- https://github.com/SiberianHacker/CVE-2024-6387-Finder

- https://github.com/Sibijo/mitigate_ssh

- https://github.com/Sincan2/Sincan2

- https://github.com/SirSeoPro/12-01

- https://github.com/SkyGodling/CVE-2024-6387-POC

- https://github.com/SnailDev/v2ex-hot-hub

- https://github.com/Spyr026/Proyecto-Ciberseguridad

- https://github.com/Sucuri-Labs/CVE-2025-57819-ioc-check

- https://github.com/Symbolexe/CVE-2024-6387

- https://github.com/TAM-K592/CVE-2024-6387

- https://github.com/ThatNotEasy/CVE-2024-6387

- https://github.com/ThemeHackers/CVE-2024-6387

- https://github.com/Threekiii/CVE

- https://github.com/TrojanAZhen/Self_Back

- https://github.com/W1hithat/CVE-2024-6387

- https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker

- https://github.com/YassDEV221608/CVE-2024-6387

- https://github.com/YassDEV221608/CVE-2024-6387_PoC

- https://github.com/ab-jonathankennard/nmap-ssh-regresshion

- https://github.com/acrono/cve-2024-6387-poc

- https://github.com/ahlfors/CVE-2024-6387

- https://github.com/ainfosec/tnok

- https://github.com/alex14324/ssh_poc2024

- https://github.com/almkuznetsov/sast-labs

- https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix

- https://github.com/alvarigno22/NodeClimb-DockerLab

- https://github.com/angelontny/botpress-aikyam

- https://github.com/anhvutuan/CVE-2024-6387-poc-1

- https://github.com/asterictnl-lvdw/CVE-2024-6387

- https://github.com/awusan125/test_for6387

- https://github.com/azurejoga/CVE-2024-6387-how-to-fix

- https://github.com/bachkhoasoft/awesome-list-ks

- https://github.com/beac0n/ruroco

- https://github.com/being1943/my_rss_reader

- https://github.com/betancour/OpenSSH-Vulnerability-test

- https://github.com/bigb0x/CVE-2024-6387

- https://github.com/bigb0x/OpenSSH-Scanner

- https://github.com/byfranke/Estudo_de_Casos_HdB

- https://github.com/caterscam/kepolomemek

- https://github.com/cleverg0d/CVEs

- https://github.com/cxyfreedom/v2ex-hot-hub

- https://github.com/cybereagle2001/KQL-Security-Querries

- https://github.com/cybereagle2001/MicrosoftSentinelQuerries

- https://github.com/d0rb/CVE-2024-6387

- https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook

- https://github.com/dawnl3ss/CVE-2024-6387

- https://github.com/defronixpro/Defronix-Cybersecurity-Roadmap

- https://github.com/devarshishimpi/CVE-2024-6387-Check

- https://github.com/dgicloud/patch_regreSSHion

- https://github.com/dgourillon/mitigate-CVE-2024-6387

- https://github.com/dream434/CVE-2024-6387

- https://github.com/dream434/dream434

- https://github.com/edsonjt81/CVE-2024-6387_Check

- https://github.com/edsonjt81/https-github.com-gotr00t0day-OpenSSH-Scanner

- https://github.com/enomothem/PenTestNote

- https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker

- https://github.com/fkie-cad/nvd-json-data-feeds

- https://github.com/getdrive/CVE-2024-6387-PoC

- https://github.com/giterlizzi/secdb-feeds

- https://github.com/grupooruss/CVE-2024-6387

- https://github.com/grupooruss/CVE-2024-6387-Tester

- https://github.com/h3x0crypt/SpicyShell

- https://github.com/hackingyseguridad/ssha

- https://github.com/harshinsecurity/harshinsecurity

- https://github.com/harshinsecurity/sentinelssh

- https://github.com/havokzero/RustgreSSHion

- https://github.com/hssmo/cve-2024-6387_AImade

- https://github.com/identity-threat-labs/Article-RegreSSHion-CVE-2024-6387

- https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker

- https://github.com/imthenachoman/How-To-Secure-A-Linux-Server

- https://github.com/imv7/CVE-2024-6387

- https://github.com/imv7/LargeRaceCondition_SSH

- https://github.com/inikhilgitd/Basic-Vulnerability-Scan-on-Your-PC

- https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-

- https://github.com/it-t4mpan/tangguh

- https://github.com/jack0we/CVE-2024-6387

- https://github.com/jambar556/signal_handler

- https://github.com/jocker2410/CVE-2024-6387_poc

- https://github.com/k4t3pr0/CVE-2024-6387-Check

- https://github.com/k4t3pr0/CVE-2024-6387-POC

- https://github.com/kalanik0a/Cybersecurity-Notes

- https://github.com/kaluzaCSA/CAVEaT-STIX-Generator

- https://github.com/kalvin-net/NoLimit-Secu-RegreSSHion

- https://github.com/kherrick/lobsters

- https://github.com/krlabs/openssh-vulnerabilities

- https://github.com/kubota/CVE-2024-6387-Vulnerability-Checker

- https://github.com/kuffsit/check_cve_2024_6387

- https://github.com/l-urk/CVE-2024-6387

- https://github.com/l-urk/CVE-2024-6387-L

- https://github.com/l0n3m4n/CVE-2024-6387

- https://github.com/lala-amber/CVE-2024-6387

- https://github.com/lflare/cve-2024-6387-poc

- https://github.com/lgturatti/techdrops

- https://github.com/liqhtnd/sshd-logingracetime

- https://github.com/liqhtnd/sshd-logingracetime0

- https://github.com/lonnyzhang423/v2ex-hot-hub

- https://github.com/lukibahr/stars

- https://github.com/maycon/stars

- https://github.com/moften/regreSSHion-CVE-2024-6387

- https://github.com/mrmtwoj/CVE-2024-6387

- https://github.com/muyuanlove/CVE-2024-6387fixshell

- https://github.com/n1cks0n/Test_CVE-2024-6387

- https://github.com/nhelchitnis/incredible-stars

- https://github.com/nholuongut/secure-a-linux-server

- https://github.com/nideaspl/vulnerbility

- https://github.com/niktoproject/CVE-202406387_Check.py

- https://github.com/no-one-sec/CVE-2024-6387

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/oliferFord/CVE-2024-6387-SSH-RCE

- https://github.com/paradessia/CVE-2024-6387-nmap

- https://github.com/passwa11/cve-2024-6387-poc

- https://github.com/password123456/cve-security-response-guidelines

- https://github.com/pawan-shivarkar/List-of-CVE-s-

- https://github.com/pawan-shivarkar/pawan-shivarkar

- https://github.com/pawan971/pawan971

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/ppxl/harbor-cve-finder

- https://github.com/prelearn-code/CVE-2024-6387

- https://github.com/quiver/classmethod-devio-2024-basic-linux

- https://github.com/redux-sibi-jose/mitigate_ssh

- https://github.com/rumochnaya/openssh-cve-2024-6387.sh

- https://github.com/rxerium/stars

- https://github.com/ryanalieh/openSSH-scanner

- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSH

- https://github.com/rylei-m/USU_2024_PS1_Script_For_SSL

- https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH

- https://github.com/s3kler/s3kler---regreSSHion

- https://github.com/sardine-web/CVE-2024-6387-template

- https://github.com/sardine-web/CVE-2024-6387_Check

- https://github.com/shamo0/CVE-2024-6387_PoC

- https://github.com/shyrwall/cve-2024-6387-poc

- https://github.com/skyalliance/CVE-2024-6387-POC

- https://github.com/skysaints/CVE-2024-6387-POC

- https://github.com/sms2056/CVE-2024-6387

- https://github.com/ssep1ol/ansible-playbooks

- https://github.com/stephenmuema/regreSSHion

- https://github.com/sxlmnwb/CVE-2024-6387

- https://github.com/t3rry327/cve-2024-6387-poc

- https://github.com/tanjiti/sec_profile

- https://github.com/teamos-hub/regreSSHion

- https://github.com/th3gokul/CVE-2024-6387

- https://github.com/theaog/spirit

- https://github.com/thegenetic/CVE-2024-6387-exploit

- https://github.com/trailofbits/codeql-queries

- https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker

- https://github.com/username317/hackthebox-Secure-Server-

- https://github.com/vitalii-moholivskyi/selected-cve-dataset-2024

- https://github.com/vkaushik-chef/regreSSHion

- https://github.com/whiterabb17/Oeliander

- https://github.com/wiggels/regresshion-check

- https://github.com/xaitax/CVE-2024-6387_Check

- https://github.com/xiw1ll/CVE-2024-6387_Checker

- https://github.com/xonoxitron/regreSSHion

- https://github.com/xonoxitron/regreSSHion-checker

- https://github.com/xristos8574/regreSSHion-nmap-scanner

- https://github.com/yellowdragonfire/Secure_server_HTB

- https://github.com/yya1233/CVE-2024-6387-Updated-SSH-RCE

- https://github.com/zenzue/CVE-2024-6387-Mitigation

- https://github.com/zgimszhd61/cve-2024-6387-poc

- https://github.com/zgzhang/cve-2024-6387-poc

- https://github.com/zhanpengliu-tencent/medium-cve

- https://github.com/zhaoolee/garss

- https://github.com/zql-gif/CVE-2024-6387