Nasty regreSSHion bug in OpenSSH puts roughly 700K Linux boxes at risk
The Register | 1 July 2024 | Connor Jones
Posted on 07/02/2024 10:59:45 AM PDT by ShadowAce
According to the OpenSSH team and its release notes for version 9.8, which includes the fix for CVE-2024-6387, in lab conditions it took between six and eight hours to beat the race condition.
1 posted on 07/02/2024 10:59:45 AM PDT by ShadowAce
To: rdb3; JosephW; martin_fierro; Still Thinking; zeugma; Vinnie; ironman; Egon; raybbr; AFreeBird; ...
2 posted on 07/02/2024 11:00:00 AM PDT by ShadowAce
(Linux - The Ultimate Windows Service Pack )
To: ShadowAce
3 posted on 07/02/2024 11:03:16 AM PDT by algore
To: ShadowAce
No matter how bad the news is, those little guys always make me happy.
4 posted on 07/02/2024 11:07:52 AM PDT by Jamestown1630
("A Republic, if you can keep it.")
To: ShadowAce
This was what my son was frantically trying to figure out last night when a tornado warning sent us into the basement. He’s worked so hard to set up our secure server and just like that he had to figure out how to keep it secure.
To: ShadowAce
Since I posted this a few minutes ago, I checked my available updates, and my distro already has the newest package ready to DL with the fix.
I love Open Source!
6 posted on 07/02/2024 11:17:56 AM PDT by ShadowAce
(Linux - The Ultimate Windows Service Pack )
Yet another reason to restrict network access to a sshd endpoint.
7 posted on 07/02/2024 11:41:49 AM PDT by Gene Eric
(Don't be a statist! )
To: Openurmind
8 posted on 07/02/2024 11:47:45 AM PDT by Carriage Hill
(A society grows great when old men plant trees, in whose shade they know they will never sit.)
To: ShadowAce
Well..... That’s not good.
9 posted on 07/02/2024 11:59:09 AM PDT by Dead Corpse
(A Psalm in napalm...)
To: ShadowAce
> Since I posted this a few minutes ago, I checked my available updates, and my distro already has the newest package ready to DL with the fix. I love Open Source!
Yep! A simple "apt-get update && apt-get upgrade" did it for all my systems -- the fix was waiting for me.
10 posted on 07/02/2024 1:42:10 PM PDT by dayglored
(Strange Women Lying In Ponds Distributing Swords! Arthur Pendragon in 2024)
To: ShadowAce
The Register tends to get a little breathless about vulns. This one is very difficult to exploit, but you have to read deep into the article to discover that. Oh well, they deserve the clicks...
11 posted on 07/02/2024 1:43:48 PM PDT by dayglored
(Strange Women Lying In Ponds Distributing Swords! Arthur Pendragon in 2024)
To: dayglored
In my .bashrc:
alias update='apt update && sleep 2 && apt list --upgradable'
12 posted on 07/02/2024 2:28:53 PM PDT by ShadowAce
(Linux - The Ultimate Windows Service Pack )
To: ShadowAce
> Since I posted this a few minutes ago, I checked my available updates, and my distro already has the newest package ready to DL with the fix.
I just did an update and it looks like this is the latest for Kubuntu: OpenSSH_9.6p1
13 posted on 07/02/2024 3:27:56 PM PDT by zeugma
(Stop deluding yourself that America is still a free country.)
To: dayglored
I'm running Mint, but haven't got any update recommended in the update app. Where would I go to find out if there is an update?
14 posted on 07/02/2024 7:06:09 PM PDT by Bob434
To: Bob434
I usually check from a terminal:
apt update -y && apt list --upgradable
15 posted on 07/03/2024 4:35:52 AM PDT by ShadowAce
(Linux - The Ultimate Windows Service Pack )
To: Bob434; ShadowAce
First, check your version of OpenSSH. At a terminal Bash prompt, run this command:
sshd --help
It will print out its OpenSSH version and some usage info (since --help is not a valid option). You should see a string like this:
OpenSSH_8.2p1 ....
That's the OpenSSH version. Check it against the ranges that are vulnerable. If yours is not vulnerable then you're okay. If yours is potentially vulnerable, use a command like the one ShadowAce posted above in #12:
sudo apt update && sleep 2 && apt list --upgradable
16 posted on 07/03/2024 6:01:51 AM PDT by dayglored
(Strange Women Lying In Ponds Distributing Swords! Arthur Pendragon in 2024)
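The check described in post #16, as an added example that is not part of any poster's comment: it classifies the banner printed by sshd against upstream's affected ranges, then looks for the CVE in the package changelog, because distros backport the fix without changing the OpenSSH_x.y string (the situation in post #13). The range boundaries, the function names and the Debian-style changelog path are assumptions not taken from the thread, which only names 9.8 as the fixed release.

```shell
#!/bin/sh
# Added example (not from the thread). Range boundaries are assumptions taken
# from the public CVE-2024-6387 advisory; the thread only names 9.8 as fixed.
OLD_BELOW=404      # releases before 4.4 are affected unless separately patched
AFFECTED_FROM=805  # 8.5 is the first affected modern release
FIXED_FROM=908     # 9.8 carries the fix

# Pull "major minor" out of a banner such as "OpenSSH_8.2p1 ...".
ssh_version() {
  printf '%s\n' "$1" |
    sed -n 's/.*OpenSSH_\([0-9]\{1,\}\)\.\([0-9]\{1,\}\).*/\1 \2/p' | head -n 1
}

# Classify the upstream version number only.
classify_upstream() {
  set -- $(ssh_version "$1")
  [ "$#" -eq 2 ] || { echo unknown; return 0; }
  n=$(( $1 * 100 + $2 ))
  if   [ "$n" -lt "$OLD_BELOW" ];     then echo affected-old
  elif [ "$n" -lt "$AFFECTED_FROM" ]; then echo not-affected
  elif [ "$n" -lt "$FIXED_FROM" ];    then echo affected-range
  else echo fixed-upstream
  fi
}

# A banner inside an affected range is inconclusive on a distro package:
# look for the CVE id in the package changelog instead.
changelog_has_fix() {   # $1 = changelog (plain or .gz), $2 = CVE id
  [ -r "$1" ] && gzip -dcf "$1" 2>/dev/null | grep -q -- "$2"
}

verdict() {             # $1 = banner text, $2 = changelog path
  case "$(classify_upstream "$1")" in
    not-affected|fixed-upstream) echo ok ;;
    unknown) echo unknown ;;
    *) if changelog_has_fix "$2" CVE-2024-6387
       then echo patched-by-distro
       else echo update-needed
       fi ;;
  esac
}

# Usage on a Debian-family host (assumed changelog location):
#   verdict "$(sshd --help 2>&1)" /usr/share/doc/openssh-server/changelog.Debian.gz
```

A result of update-needed means the changelog does not name the CVE; on a distro that records fixes elsewhere, confirm against its security tracker before concluding the package is unpatched.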
To: ShadowAce
Thank you, I will do that tonight.
17 posted on 07/03/2024 6:17:02 AM PDT by Bob434
To: Carriage Hill
Thank you for the ping... :)
18 posted on 07/03/2024 6:36:02 AM PDT by Openurmind
(The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
To: Bob434
Correction:
apt update -y && apt list --upgradable
should be
apt update && apt list --upgradable
Get rid of the -y flag. It's not supported.
19 posted on 07/03/2024 6:50:02 AM PDT by ShadowAce
(Linux - The Ultimate Windows Service Pack )
To: ShadowAce
I got the same list with or without the -y flag. Ubuntu/Mint...
20 posted on 07/03/2024 6:57:32 AM PDT by Openurmind
(The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)