AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
In this episode, Spencer and Brad discuss the OpenSSH "regreSSHion" vulnerability. This is being tracked as CVE-2024-6409 & CVE-2024-6387. A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2024-6409
- https://nvd.nist.gov/vuln/detail/CVE-2024-6387
- https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt?ref=thestack.technology
- https://www.infosecurity-magazine.com/news/chinese-state-exploits/
- https://x.com/fofabot/status/1810622161192919350
- https://justpaste.it/do235
Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
Get the Snipd
podcast app
Unlock the knowledge in podcasts with the podcast player of the future.
AI-powered
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode
Save any
moment
Hear something you like? Tap your headphones to save it with AI-generated key takeaways
Share
& Export
Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more
AI-powered
podcast player
Listen to all your favourite podcasts with AI-powered features
Discover
highlights
Listen to the best highlights from the podcasts you love and dive into the full episode