## https://sploitus.com/exploit?id=E543E274-C20A-582A-8F8E-F8E3F381C345
# CVE-2024-6387 (regreSSHion) in OpenSSH

## Description

CVE-2024-6387, nicknamed "regreSSHion," is a critical vulnerability in OpenSSH that allows unauthenticated remote attackers to execute code with root privileges on vulnerable Linux systems. This vulnerability arises from a race condition in the signal handling of OpenSSH's server component (sshd) on glibc-based systems.

## Severity

High (CVSS Score: 8.1)

## Impact

Successful exploitation of this vulnerability can lead to:

*   **Remote Code Execution:** Attackers can execute arbitrary code on the target system with the highest privileges (root).
*   **System Compromise:** The compromised system can be used for further attacks or to gain access to sensitive data.
*   **Denial of Service:** The attack may cause the OpenSSH server to crash, disrupting SSH services.

## Vulnerable Versions

OpenSSH versions 8.5p1 through 9.8p1 are vulnerable to CVE-2024-6387.

## Mitigation

1.  **Update OpenSSH:** The most effective solution is to update OpenSSH to the latest version that includes the fix for this vulnerability.

2.  **Disable Password Authentication:** If updating is not immediately possible, consider disabling password authentication and using SSH keys exclusively.

## Workarounds

There are no known workarounds for this vulnerability other than updating or disabling password authentication.

## Additional Resources

*   **NVD:** https://nvd.nist.gov/vuln/detail/CVE-2024-6387
*   **Qualys:** https://www.qualys.com/regresshion-cve-2024-6387/
*   **Unit 42:** https://unit42.paloaltonetworks.com/threat-brief-cve-2024-6387-openssh/

## Disclaimer

This information is provided as-is and may be updated as new information becomes available. It is recommended to consult official sources and security advisories for the latest information regarding CVE-2024-6387.

## Features

- Scans single IP addresses, hostnames, CIDR ranges, or lists from a file.
- Supports custom SSH port numbers.
- Adjustable connection timeout.
- Categorizes servers as SAFE, VULNERABLE, UNKNOWN, or ERROR.
- Colored output for easy identification of results.
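
How the SAFE, VULNERABLE and UNKNOWN labels can be derived from the identification string an sshd sends, as an added example that is not this tool's own code. It assumes 8.5p1 is the first affected release and 9.8p1 the first fixed one (per the upstream OpenSSH 9.8 release notes); `classify_banner` and the sample banners are constructed for illustration.

```python
import re

# Assumptions of this example: first affected and first fixed upstream releases.
FIRST_AFFECTED = (8, 5)
FIRST_FIXED = (9, 8)
# Releases before 4.4p1 fall outside the range this page covers.
OLDEST_COVERED = (4, 4)

# RFC 4253 identification string: SSH-protoversion-softwareversion SP comments
BANNER_RE = re.compile(
    r"^SSH-(?P<proto>\d+\.\d+)-OpenSSH_(?P<major>\d+)\.(?P<minor>\d+)"
    r"(?:\.\d+)?(?:p\d+)?(?:[ -](?P<comment>.+))?$"
)


def classify_banner(banner):
    """Return (status, needs_package_check) for one SSH identification string.

    status is SAFE, VULNERABLE or UNKNOWN. needs_package_check is True when a
    distribution comment is present: vendors backport fixes without changing
    the upstream version, so the banner alone cannot settle the question.
    """
    m = BANNER_RE.match(banner.strip())
    if m is None:
        # Not OpenSSH (Dropbear, network gear, ...) or a customised banner.
        return ("UNKNOWN", False)
    version = (int(m["major"]), int(m["minor"]))
    distro = m["comment"] is not None
    if version < OLDEST_COVERED:
        # Too old for the page's range; do not report it as SAFE.
        return ("UNKNOWN", distro)
    if FIRST_AFFECTED <= version < FIRST_FIXED:
        return ("VULNERABLE", distro)
    return ("SAFE", distro)


# Constructed sample banners, not captured from real hosts.
SAMPLES = [
    "SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.3",
    "SSH-2.0-OpenSSH_8.5p1\r\n",
    "SSH-2.0-OpenSSH_9.8p1",
    "SSH-2.0-dropbear_2022.83",
]

if __name__ == "__main__":
    for line in SAMPLES:
        status, check_pkg = classify_banner(line)
        note = " (confirm installed package version)" if check_pkg else ""
        print(f"{status:<10} {line.strip()}{note}")
```

A VULNERABLE result with the package-check flag set should be confirmed against the distribution's security tracker before remediation is prioritised, since a patched package can still advertise an in-range version.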

## Usage

1. **Prerequisites:**
   - Python 3
   - `argparse` and `ipaddress` modules (both part of the Python standard library)

2. **Save and Run:**
   - Save the code below as `cve_2024_6387_check.py`.
   - Execute from the command line:

   ```bash
   python3 Checker.py [options] <addresses>
   -f, --file: Path to a file containing a list of IP addresses or CIDR ranges.
   -p, --ports: Comma-separated list of SSH port numbers (default is 22).
   -t, --timeout: Connection timeout in seconds (default is 5.0).