## https://sploitus.com/exploit?id=E543E274-C20A-582A-8F8E-F8E3F381C345
# CVE-2024-6387 (regreSSHion) in OpenSSH
## Description
CVE-2024-6387, nicknamed "regreSSHion," is a critical vulnerability in OpenSSH that allows unauthenticated remote attackers to execute code with root privileges on vulnerable Linux systems. This vulnerability arises from a race condition in the signal handling of OpenSSH's server component (sshd) on glibc-based systems.
## Severity
High (CVSS Score: 8.1)
## Impact
Successful exploitation of this vulnerability can lead to:
* **Remote Code Execution:** Attackers can execute arbitrary code on the target system with the highest privileges (root).
* **System Compromise:** The compromised system can be used for further attacks or to gain access to sensitive data.
* **Denial of Service:** The attack may cause the OpenSSH server to crash, disrupting SSH services.
## Vulnerable Versions
OpenSSH versions 8.5p1 through 9.8p1 are vulnerable to CVE-2024-6387.
## Mitigation
1. **Update OpenSSH:** The most effective solution is to update OpenSSH to the latest version that includes the fix for this vulnerability.
2. **Disable Password Authentication:** If updating is not immediately possible, consider disabling password authentication and using SSH keys exclusively.
## Workarounds
There are no known workarounds for this vulnerability other than updating or disabling password authentication.
## Additional Resources
* **NVD:** https://nvd.nist.gov/vuln/detail/CVE-2024-6387
* **Qualys:** https://www.qualys.com/regresshion-cve-2024-6387/
* **Unit 42:** https://unit42.paloaltonetworks.com/threat-brief-cve-2024-6387-openssh/
## Disclaimer
This information is provided as-is and may be updated as new information becomes available. It is recommended to consult official sources and security advisories for the latest information regarding CVE-2024-6387.
## Features
- Scans single IP addresses, hostnames, CIDR ranges, or lists from a file.
- Supports custom SSH port numbers.
- Adjustable connection timeout.
- Categorizes servers as SAFE, VULNERABLE, UNKNOWN, or ERROR.
- Colored output for easy identification of results.
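
As an added illustration of the SAFE / VULNERABLE / UNKNOWN / ERROR categorization listed above (example code written for this page, not the checker's own source), the following classifies SSH identification banners offline. The function names, the sample banners and the treatment of 9.8p1 as the first fixed release are assumptions of this example, and it evaluates only the version range named on this page.

```python
import re

# Range evaluated here, compared by major.minor: 8.5 <= version < 9.8.
# Assumption: 9.8p1 carries the upstream fix, so it is the first SAFE release.
FIRST_AFFECTED = (8, 5)
FIRST_FIXED = (9, 8)

# SSH identification string: "SSH-<proto>-OpenSSH_<ver>[p<n>][ <comment>]"
BANNER_RE = re.compile(r"^SSH-\d+\.\d+-OpenSSH_(\d+)\.(\d+)(?:p\d+)?(?: (.+))?$")


def classify_banner(banner):
    """Map one banner (None means the connection failed) to (status, note)."""
    if banner is None:
        return "ERROR", "no banner received"
    m = BANNER_RE.match(banner.strip())
    if not m:
        return "UNKNOWN", "not an OpenSSH banner or version not parseable"
    version = (int(m.group(1)), int(m.group(2)))
    if not (FIRST_AFFECTED <= version < FIRST_FIXED):
        # SAFE here only means "outside the range this page lists".
        return "SAFE", "outside the 8.5p1 to 9.8p1 range"
    if m.group(3):
        # Distributions backport fixes without changing the upstream version,
        # so a banner in range cannot prove the host is still unpatched.
        return "VULNERABLE", f"in range; confirm package patch level ({m.group(3)})"
    return "VULNERABLE", "in range"


def summarize(banners):
    """Return {host: status} for a {host: banner} mapping."""
    return {host: classify_banner(b)[0] for host, b in banners.items()}


# Constructed sample banners (hypothetical hosts, not captured from real systems).
SAMPLES = {
    "host-a": "SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6",
    "host-b": "SSH-2.0-OpenSSH_9.8p1",
    "host-c": "SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3",
    "host-d": "SSH-2.0-dropbear_2022.83",
    "host-e": None,
}

if __name__ == "__main__":
    for host, banner in SAMPLES.items():
        status, note = classify_banner(banner)
        print(f"{host:8} {status:10} {note}")
```

A banner-based result is an inventory hint only: a VULNERABLE host with a distribution suffix still needs its installed package version checked against the vendor's advisory.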
## Usage
1. **Prerequisites:**
   - Python 3
   - `argparse` and `ipaddress` modules (both part of the Python standard library)
2. **Save and Run:**
   - Save the code below as `cve_2024_6387_check.py`.
   - Execute from the command line:

   ```bash
   python3 cve_2024_6387_check.py [options] <addresses>
   ```

   Options:
   - `-f`, `--file`: Path to a file containing a list of IP addresses or CIDR ranges.
   - `-p`, `--ports`: Comma-separated list of SSH port numbers (default is 22).
   - `-t`, `--timeout`: Connection timeout in seconds (default is 5.0).