A security regression (CVE-2006-5051) was discovered in OpenSSH’s server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

OSVersionArchitecturePackageVersionFilename
Debian12allopenssh< 1:9.2p1-2+deb12u3openssh_1:9.2p1-2+deb12u3_all.deb
Debian11allopenssh< 1:8.4p1-5+deb11u3openssh_1:8.4p1-5+deb11u3_all.deb
Debian999allopenssh< 1:9.7p1-7openssh_1:9.7p1-7_all.deb
Debian13allopenssh< 1:9.7p1-7openssh_1:9.7p1-7_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	openssh	< 1:9.2p1-2+deb12u3	openssh_1:9.2p1-2+deb12u3_all.deb
Debian	11	all	openssh	< 1:8.4p1-5+deb11u3	openssh_1:8.4p1-5+deb11u3_all.deb
Debian	999	all	openssh	< 1:9.7p1-7	openssh_1:9.7p1-7_all.deb
Debian	13	all	openssh	< 1:9.7p1-7	openssh_1:9.7p1-7_all.deb

cvelist 3

redhatcve 2

cve 3

freebsd_advisory 2

nvd 3

alpinelinux 1

vulnrichment 1

ubuntucve 3

thn 1

pentestpartners 1

qualysblog 1

debiancve 2

cert 1

packetstorm 1

virtuozzo 3

nessus 35

f5 5

ubuntu 2

githubexploit 33

fedora 3

openvas 23

securityvulns 2

osv 5

prion 1

redhat 2

wizblog 1

cisco 1

oraclelinux 2

archlinux 1

slackware 2

centos 2

checkpoint_security 2

debian 4

freebsd 2

gentoo 2

photon 2

suse 1

cvelist

CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling

2024-07-01 12:37:25

CVE-2006-5051

2006-09-27 23:00:00

CVE-2008-4109

2008-09-17 18:06:00

redhatcve

CVE-2024-6387

2024-07-01 10:24:35

CVE-2008-4109

2015-10-30 10:23:32

cve

CVE-2024-6387

2024-07-01 13:15:06

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

freebsd_advisory

FreeBSD-SA-24:04.openssh

2024-07-01 00:00:00

FreeBSD-SA-06:22.openssh

2006-09-30 00:00:00

nvd

CVE-2024-6387

2024-07-01 13:15:06

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

alpinelinux

CVE-2024-6387

2024-07-01 13:15:06

vulnrichment

CVE-2024-6387 Openssh: possible remote code execution due to a race condition in signal handling

2024-07-01 12:37:25

ubuntucve

CVE-2024-6387

2024-07-01 00:00:00

CVE-2006-5051

2006-09-27 00:00:00

CVE-2008-4109

2008-09-18 00:00:00

thn

New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems

2024-07-01 10:50:00

pentestpartners

RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387)

2024-07-02 05:31:12

qualysblog

regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server

2024-07-01 08:23:20

debiancve

CVE-2006-5051

2006-09-27 23:07:00

CVE-2008-4109

2008-09-18 15:04:27

cert

OpenSSH contains a race condition vulnerability

2006-10-04 00:00:00

packetstorm

OpenSSH Server regreSSHion Remote Code Execution

2024-07-01 00:00:00

virtuozzo

Virtuozzo Hybrid Infrastructure 6.2 (6.2.0-138)

2024-07-01 00:00:00

Virtuozzo Hybrid Infrastructure 6.0 Update 1.8 (6.0.1-98)

2024-07-01 00:00:00

Virtuozzo Hybrid Infrastructure 6.1 Update 1.3 (6.1.1-44)

2024-07-01 00:00:00

nessus

Debian dsa-5724 : openssh-client - security update

2024-07-01 00:00:00

Amazon Linux 2023 : openssh, openssh-clients, openssh-keycat (ALAS2023-2024-649)

2024-07-02 00:00:00

F5 Networks BIG-IP : OpenSSH vulnerabilities (SOL6736)

2016-01-28 00:00:00

K000140222: OpenSSH server vulnerability CVE-2024-6387

2024-07-01 00:00:00

K14742 : OpenSSH vulnerability CVE-2008-4109

2014-07-30 00:00:00

SOL14742 - OpenSSH vulnerability CVE-2008-4109

2013-10-10 00:00:00

ubuntu

OpenSSH vulnerability

2024-07-01 00:00:00

openssh vulnerabilities

2006-10-02 00:00:00

githubexploit

Exploit for CVE-2024-6387

2024-07-02 16:34:12

Exploit for CVE-2024-6387

2024-07-02 10:05:43

Exploit for CVE-2024-6387

2024-07-03 08:22:57

fedora

[SECURITY] Fedora 39 Update: openssh-9.3p1-11.fc39

2024-07-02 18:08:34

[SECURITY] Fedora 40 Update: openssh-9.6p1-1.fc40.4

2024-07-02 20:16:57

[SECURITY] Fedora Core 5 Update: openssh-4.3p2-4.12.fc5

2007-04-03 21:39:33

openvas

Ubuntu: Security Advisory (USN-6859-1)

2024-07-02 00:00:00

Debian: Security Advisory (DSA-1212)

2008-01-17 00:00:00

FreeBSD Security Advisory (FreeBSD-SA-06:22.openssh.asc)

2008-09-04 00:00:00

securityvulns

Multiple OpenSSH security vulnerabilities

2008-10-03 00:00:00

[SECURITY] [DSA 1638-1] New openssh packages fix denial of service

2008-09-20 00:00:00

osv

openssh

2006-11-15 00:00:00

openssh-krb5

2006-10-04 00:00:00

openssh vulnerability

2024-07-01 09:06:31

prion

Code injection

2008-09-18 15:04:00

redhat

(RHSA-2006:0697) openssh security update

2006-09-28 00:00:00

(RHSA-2006:0698) openssh security update

2006-09-28 00:00:00

wizblog

RCE vulnerability in OpenSSH: everything you need to know

2024-07-01 13:49:17

cisco

Remote Unauthenticated Code Execution Vulnerability in OpenSSH Server (regreSSHion): July 2024

2024-07-02 19:50:00

oraclelinux

openssh security update

2024-07-01 00:00:00

Important openssh security update

2006-11-30 00:00:00

archlinux

[ASA-202407-1] openssh: authentication bypass

2024-07-01 00:00:00

slackware

[slackware-security] openssh

2024-07-01 20:31:12

[slackware-security] openssh

2006-09-29 07:57:38

centos

openssh, openssl, openssl096b security update

2006-09-29 03:31:38

openssh security update

2006-10-02 01:42:56

checkpoint_security

Check Point response to OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924

2011-05-03 21:00:00

OpenSSH vulnerabilities: CVE-2006-5051 and CVE-2006-4924

2006-11-19 22:00:00

debian

[SECURITY] [DSA 1212-1] New openssh packages fix denial of service

2006-11-15 17:26:52

[SECURITY] [DSA 1638-1] New openssh packages fix denial of service

2008-09-16 20:41:23

[SECURITY] [DSA 1189-1] New openssh-krb5 packages fix denial of service and potential execution of arbitrary code

2006-10-04 19:32:23

freebsd

openssh -- multiple vulnerabilities

2006-09-25 00:00:00

OpenSSH -- Race condition resulting in potential remote code execution

2024-07-01 00:00:00

gentoo

OpenSSH: Multiple Denial of Service vulnerabilities

2006-11-13 00:00:00

OpenSSH: Remote Code Execution

2024-07-01 00:00:00

photon

Important Photon OS Security Update - PHSA-2024-4.0-0642

2024-07-01 00:00:00

Important Photon OS Security Update - PHSA-2024-5.0-0307

2024-07-01 00:00:00

suse

remote denial of service in openssh

2006-10-20 14:30:36

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.3 High

AI Score

Confidence

High

0.791 High

EPSS

Percentile

98.3%

JSON

Related for DEBIANCVE:CVE-2024-6387