A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

OSVersionArchitecturePackageVersionFilename
Alpineedge-mainnoarchopenssh< 9.8_p1-r0UNKNOWN
Alpine3.17-mainnoarchopenssh< 9.1_p1-r6UNKNOWN
Alpine3.18-mainnoarchopenssh< 9.3_p2-r2UNKNOWN
Alpine3.19-mainnoarchopenssh< 9.6_p1-r1UNKNOWN
Alpine3.20-mainnoarchopenssh< 9.7_p1-r4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-main	noarch	openssh	< 9.8_p1-r0	UNKNOWN
Alpine	3.17-main	noarch	openssh	< 9.1_p1-r6	UNKNOWN
Alpine	3.18-main	noarch	openssh	< 9.3_p2-r2	UNKNOWN
Alpine	3.19-main	noarch	openssh	< 9.6_p1-r1	UNKNOWN
Alpine	3.20-main	noarch	openssh	< 9.7_p1-r4	UNKNOWN

ubuntucve 3

vulnrichment 1

cve 3

redhatcve 2

freebsd_advisory 2

nvd 3

debiancve 3

citrix 1

cvelist 3

qualysblog 1

openvas 26

pentestpartners 1

thn 1

cert 1

packetstorm 1

zdt 1

osv 5

virtuozzo 3

nessus 39

schneier 1

oraclelinux 3

githubexploit 43

archlinux 1

slackware 2

cbl_mariner 1

fedora 3

freebsd 2

gentoo 2

mageia 1

f5 5

checkpoint_security 2

centos 2

ubuntu 2

wizblog 1

redos 1

cisco 1

prion 1

redhat 2

securityvulns 2

debian 4

photon 2

attackerkb 1

suse 1

ubuntucve

CVE-2024-6387

2024-07-01 00:00:00

CVE-2006-5051

2006-09-27 00:00:00

CVE-2008-4109

2008-09-18 00:00:00

vulnrichment

CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling

2024-07-01 12:37:25

cve

CVE-2024-6387

2024-07-01 13:15:06

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

redhatcve

CVE-2024-6387

2024-07-01 10:24:35

CVE-2008-4109

2015-10-30 10:23:32

freebsd_advisory

FreeBSD-SA-24:04.openssh

2024-07-01 00:00:00

FreeBSD-SA-06:22.openssh

2006-09-30 00:00:00

nvd

CVE-2024-6387

2024-07-01 13:15:06

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

debiancve

CVE-2024-6387

2024-07-01 13:15:06

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

citrix

Cloud Software Group Security Advisory for CVE-2024-6387

2024-07-04 15:15:05

cvelist

CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling

2024-07-01 12:37:25

CVE-2006-5051

2006-09-27 23:00:00

CVE-2008-4109

2008-09-17 18:06:00

qualysblog

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

2024-07-01 08:23:20

openvas

OpenBSD OpenSSH < 4.4p1, 8.5p1 - 9.7p1 RCE Vulnerability (regreSSHion)

2024-07-01 00:00:00

Slackware: Security Advisory (SSA:2024-183-01)

2024-07-02 00:00:00

QNAP QTS OpenSSH RCE Vulnerability (QSA-24-31, regreSSHion)

2024-07-03 00:00:00

pentestpartners

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

2024-07-02 05:31:12

thn

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

2024-07-01 10:50:00

cert

OpenSSH contains a race condition vulnerability

2006-10-04 00:00:00

packetstorm

OpenSSH Server regreSSHion Remote Code Execution

2024-07-01 00:00:00

zdt

OpenSSH Server regreSSHion Remote Code Execution Vulnerability

2024-07-02 00:00:00

osv

openssh vulnerability

2024-07-01 09:06:31

openssh - security update

2024-07-01 00:00:00

openssh-krb5

2006-10-04 00:00:00

virtuozzo

Virtuozzo Hybrid Infrastructure 6.1 Update 1.3 (6.1.1-44)

2024-07-01 00:00:00

Virtuozzo Hybrid Infrastructure 6.2 (6.2.0-138)

2024-07-01 00:00:00

Virtuozzo Hybrid Infrastructure 6.0 Update 1.8 (6.0.1-98)

2024-07-01 00:00:00

nessus

Slackware Linux 15.0 / current openssh Vulnerability (SSA:2024-183-01)

2024-07-01 00:00:00

RHEL 9 : openssh (RHSA-2024:4312)

2024-07-03 00:00:00

Fedora 40 : openssh (2024-dc89a2e1bf)

2024-07-02 00:00:00

schneier

New Open SSH Vulnerability

2024-07-03 15:27:11

oraclelinux

openssh security update

2024-07-04 00:00:00

Important openssh security update

2006-11-30 00:00:00

openssh security update

2024-07-01 00:00:00

githubexploit

Exploit for CVE-2024-6387

2024-07-01 20:33:20

Exploit for CVE-2024-6387

2024-07-02 12:48:27

Exploit for CVE-2024-6387

2024-07-02 20:35:53

archlinux

[ASA-202407-1] openssh: authentication bypass

2024-07-01 00:00:00

slackware

[slackware-security] openssh

2024-07-01 20:31:12

[slackware-security] openssh

2006-09-29 07:57:38

cbl_mariner

CVE-2024-6387 affecting package openssh for versions less than 8.9p1-6

2024-07-04 13:46:57

fedora

[SECURITY] Fedora 40 Update: openssh-9.6p1-1.fc40.4

2024-07-02 20:16:57

[SECURITY] Fedora 39 Update: openssh-9.3p1-11.fc39

2024-07-02 18:08:34

[SECURITY] Fedora Core 5 Update: openssh-4.3p2-4.12.fc5

2007-04-03 21:39:33

freebsd

OpenSSH -- Race condition resulting in potential remote code execution

2024-07-01 00:00:00

openssh -- multiple vulnerabilities

2006-09-25 00:00:00

gentoo

OpenSSH: Remote Code Execution

2024-07-01 00:00:00

OpenSSH: Multiple Denial of Service vulnerabilities

2006-11-13 00:00:00

mageia

Updated openssh packages fix security vulnerability

2024-07-03 19:36:28

SOL14742 - OpenSSH vulnerability CVE-2008-4109

2013-10-10 00:00:00

K000140222: OpenSSH server vulnerability CVE-2024-6387

2024-07-01 00:00:00

K14742 : OpenSSH vulnerability CVE-2008-4109

2014-07-30 00:00:00

checkpoint_security

Check Point response to OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924

2011-05-03 21:00:00

OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924

2006-11-19 22:00:00

centos

openssh, openssl, openssl096b security update

2006-09-29 03:31:38

openssh security update

2006-10-02 01:42:56

ubuntu

OpenSSH vulnerability

2024-07-01 00:00:00

openssh vulnerabilities

2006-10-02 00:00:00

wizblog

RCE vulnerability in OpenSSH: everything you need to know

2024-07-01 13:49:17

redos

ROS-20240704-01

2024-07-04 00:00:00

cisco

Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024

2024-07-02 16:00:00

prion

Code injection

2008-09-18 15:04:00

redhat

(RHSA-2006:0697) openssh security update

2006-09-28 00:00:00

(RHSA-2006:0698) openssh security update

2006-09-28 00:00:00

securityvulns

Multiple OpenSSH security vulnerabilities

2008-10-03 00:00:00

[SECURITY] [DSA 1638-1] New openssh packages fix denial of service

2008-09-20 00:00:00

debian

[SECURITY] [DSA 1212-1] New openssh packages fix denial of service

2006-11-15 17:26:52

[SECURITY] [DSA 1638-1] New openssh packages fix denial of service

2008-09-16 20:41:23

[SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code

2006-10-04 19:32:23

photon

Important Photon OS Security Update - PHSA-2024-5.0-0307

2024-07-01 00:00:00

Important Photon OS Security Update - PHSA-2024-4.0-0642

2024-07-01 00:00:00

attackerkb

CVE-2020-14871

2020-10-21 00:00:00

suse

remote denial of service in openssh

2006-10-20 14:30:36

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

0.791 High

EPSS

Percentile

98.3%

JSON

Related for ALPINE:CVE-2024-6387