## https://sploitus.com/exploit?id=0FC4BE81-312B-51F4-9D9B-66D8B5C093CD
## Document Title - Mitigation Guide for CVE-2024-6387 in OpenSSH
### Introduction
This document outlines the steps for mitigating CVE-2024-6387, a security vulnerability affecting OpenSSH versions from 8.5p1 to 9.8p1. The vulnerability can be mitigated in two ways:
1. Adjusting the `LoginGraceTime` setting in the SSH configuration to reduce the window of opportunity for an attack.
2. Upgrading to a version of OpenSSH that is patched against CVE-2024-6387 (if such a version is available and compatible with your systems).
### Mitigation Option 1 - Configuring `LoginGraceTime`
The `LoginGraceTime` parameter specifies the time limit for SSH clients to authenticate successfully. Setting this parameter to 0 can effectively reduce the vulnerability window by requiring immediate authentication upon connection.
#### Steps to Adjust `LoginGraceTime`
1. **Open the SSH Configuration File**
As the root user, open the `/etc/ssh/sshd_config` file using a text editor. For example:
```bash
vim /etc/ssh/sshd_config
```
2. **Modify the `LoginGraceTime` Parameter**
Locate the `LoginGraceTime` parameter. If it exists, modify it to:
```plaintext
LoginGraceTime 0
```
If the parameter does not exist, add it to the file with the same setting.
3. **Save and Close the File**
After making the changes, save the file and exit the text editor.
4. **Restart the SSH Service**
Apply the changes by restarting the SSH daemon:
```bash
systemctl restart sshd.service
```
5. **Verify the Configuration (Optional)**
Ensure that the configuration has been applied correctly:
```bash
sshd -T | grep logingracetime
```
This command should output `logingracetime 0`, confirming that the setting is applied.
### Mitigation Option 2 - Upgrading OpenSSH
If an upgrade path is available that patches CVE-2024-6387, it is recommended to update OpenSSH to this version. Follow these general steps to upgrade OpenSSH:
1. **Check Current Version**
Verify the current version of OpenSSH installed on your system:
```bash
ssh -V
```
2. **Search for Available Versions**
Check if a patched version is available in your distribution's repository:
```bash
apt list -a openssh-server
```
3. **Upgrade OpenSSH**
If a secure version is available, upgrade using the package manager:
```bash
sudo apt update
sudo apt upgrade openssh-server
```
4. **Restart the SSH Service**
Restart the SSH daemon to apply the upgrade:
```bash
systemctl restart sshd.service
```
5. **Verify the Upgrade**
Check the version again to ensure the upgrade was successful:
```bash
ssh -V
```
---
[Proof of Concept for CVE-2024-6387](https://github.com/acrono/cve-2024-6387-poc/)