• Thousands of servers could be at risk due to major OpenSSH securi

    From TechnologyDaily@1337:1/100 to All on Tue Jul 2 12:45:05 2024
    Thousands of servers could be at risk due to major OpenSSH security flaw

    Date:
    Tue, 02 Jul 2024 12:30:00 +0000

    Description:
    OpenSSH reintroduced a "glaring hole" four years ago which could allow for full device takeover.

    FULL STORY ======================================================================

    OpenSSH, regarded as one of the most secure software implementations in the world, has a glaring gap that allows threat actors to completely take over Linux systems that have it installed, experts have warned.

    A report from Qualys claims the vulnerability has been present in OpenSSH for four years, and is currently affecting some 14 million endpoints worldwide.

    Qualys dubbed its finding regreSSHion, and says it is now tracked as CVE-2024-6387. The flaw was named regreSSHion since it is a regression of the previously patched vulnerability CVE-2006-5051, fixed back in 2006. A regression is a flaw that was once fixed but was later reintroduced.

    "If exploited, this vulnerability allows an attacker to execute arbitrary code with the highest privileges, leading to complete system takeover, installation of malware, creation of backdoors, and more," the researchers said.

    In a blog post detailing the findings, Qualys says that anonymized data from its CSAM 3.0 with External Attack Surface Management data revealed approximately 700,000 external internet-facing instances as vulnerable.

    "This accounts for 31% of all internet-facing instances with OpenSSH in our global customer base," the researchers added. "Interestingly, over 0.14% of vulnerable internet-facing instances with OpenSSH service have an End-Of-Life/End-Of-Support version of OpenSSH running."

    As per the warning given out by the researchers, the vulnerability is as serious as the Apache Log4J issue discovered back in 2021. That issue,
    tracked as CVE-2021-44228, and dubbed Log4Shell, was found in the Log4J logging library, widely used in Java applications. It allowed threat actors
    to execute malicious code remotely, and essentially take over the entire endpoint.

    It was said that it impacted a vast number of organizations across different industries, including powerhouses such as Apple, Amazon, Tesla, and others. While the exact number of companies affected is impossible to determine, general consensus is that Log4Shell affected hundreds of millions of applications and devices globally.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/thousands-of-servers-could-be-at-risk-due-to-major-openssh-security-flaw


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)