• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
new openssh vulnerability exposes linux systems to remote command injection

New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

You are here: Home / General Cyber Security News / New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
July 24, 2023

Particulars have emerged about a now-patched flaw in OpenSSH that could be likely exploited to operate arbitrary instructions remotely on compromised hosts underneath unique ailments.

“This vulnerability makes it possible for a remote attacker to possibly execute arbitrary instructions on susceptible OpenSSH’s forwarded ssh-agent,” Saeed Abbasi, supervisor of vulnerability study at Qualys, mentioned in an assessment previous week.

The vulnerability is remaining tracked beneath the CVE identifier CVE-2023-38408 (CVSS score: N/A). It impacts all versions of OpenSSH right before 9.3p2.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


OpenSSH is a common connectivity device for distant login with the SSH protocol which is employed for encrypting all visitors to reduce eavesdropping, relationship hijacking, and other attacks.

Prosperous exploitation involves the existence of selected libraries on the target technique and that the SSH authentication agent is forwarded to an attacker-controlled method. SSH agent is a qualifications method that maintains users’ keys in memory and facilitates remote logins to a server without getting to enter their passphrase once again.

“When browsing via ssh-agent’s source code, we recognized that a remote attacker, who has entry to the remote server wherever Alice’s ssh-agent is forwarded to, can load (dlopen()) and quickly unload (dlclose()) any shared library in /usr/lib* on Alice’s workstation (by way of her forwarded ssh-agent, if it is compiled with Help_PKCS11, which is the default),” Qualys explained.

The cybersecurity firm claimed it was in a position to devise a successful proof-of-concept (PoC) from default installations of Ubuntu Desktop 22.04 and 21.10, while other Linux distributions are expected to be susceptible as well.

Upcoming WEBINARShield Against Insider Threats: Grasp SaaS Security Posture Management

Worried about insider threats? We have acquired you covered! Be a part of this webinar to discover realistic strategies and the secrets of proactive security with SaaS Security Posture Administration.

Be a part of Now

It is strongly suggested that buyers of OpenSSH update to the most recent variation in order to safeguard in opposition to probable cyber threats.

Previously this February, OpenSSH maintainers introduced an update to remediate a medium-severity security flaw (CVE-2023-25136, CVSS rating: 6.5) that could be exploited by an unauthenticated remote attacker to modify unanticipated memory destinations and theoretically reach code execution.

Found this short article intriguing? Adhere to us on Twitter  and LinkedIn to study extra unique content we publish.


Some sections of this posting are sourced from:
thehackernews.com

Previous Post: «banking sector targeted in open source software supply chain attacks Banking Sector Targeted in Open-Source Software Supply Chain Attacks
Next Post: How to Protect Patients and Their Privacy in Your SaaS Apps how to protect patients and their privacy in your saas»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Over 269,000 Websites Infected with JSFireTruck JavaScript Malware in One Month
  • Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
  • CTEM is the New SOC: Shifting from Monitoring Alerts to Measuring Risk
  • Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
  • WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network
  • New TokenBreak Attack Bypasses AI Moderation with Single-Character Text Changes
  • AI Agents Run on Secret Accounts — Learn How to Secure Them in This Webinar
  • Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
  • Non-Human Identities: How to Address the Expanding Security Risk
  • ConnectWise to Rotate ScreenConnect Code Signing Certificates Due to Security Risks

Copyright © TheCyberSecurity.News, All Rights Reserved.