regreSSHion: Remote Unauthenticated Code Execution Vulnerability in OpenSSH server
Bharat Jogi, Senior Director, Threat Research Unit, Qualys
July 1, 2024 - 5 min read
Table of Contents
About OpenSSH: Securing Enterprise Communications and Infrastructure
Affected OpenSSH versions:
Potential Impact of regreSSHion
Immediate Steps to Mitigate Risk
Technical Details
Qualys QID Coverage
Discover Vulnerable Assets Using Qualys CyberSecurity Asset Management (CSAM)
Enhance Your Security Posture with Qualys Vulnerability Management, Detection, and Response (VMDR)
Gain exposure visibility and remediation tracking with the regreSSHion Unified Dashboard
Automatically Patch regreSSHion vulnerability With Qualys Patch Management
Frequently Asked Questions (FAQs)
The Qualys Threat Research Unit (TRU) has discovered a Remote Unauthenticated Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) on glibc-based Linux systems. The CVE assigned to this vulnerability is CVE-2024-6387.
The vulnerability, a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems, which presents a significant security risk. The race condition affects sshd in its default configuration.
Based on searches using Censys and Shodan, we have identified over 14 million potentially vulnerable OpenSSH server instances exposed to the Internet. Anonymized data from Qualys CSAM 3.0 with External Attack Surface Management data reveals that approximately 700,000 external internet-facing instances are vulnerable. This accounts for 31% of all internet-facing instances with OpenSSH in our global customer base. Interestingly, over 0.14% of vulnerable internet-facing instances with OpenSSH service have an End-Of-Life/End-Of-Support version of OpenSSH running.
In our security analysis, we identified that this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006. A regression in this context means that a flaw, once fixed, has reappeared in a subsequent software release, typically due to changes or updates that inadvertently reintroduce the issue. This incident highlights the crucial role of thorough regression testing to prevent the reintroduction of known vulnerabilities into the environment. This regression was introduced in October 2020 (OpenSSH 8.5p1).
Full article: https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server