A severe vulnerability in OpenSSH, dubbed “regreSSHion” (CVE-2024-6387), has been discovered by the Qualys Threat Research Unit, potentially exposing

  • tmpodOPA
    link
    fedilink
    arrow-up
    4
    ·
    4 months ago

    Yeah, exactly. Very impracticable.

    • andrew@radiation.party
      link
      fedilink
      arrow-up
      6
      ·
      4 months ago

      But, eventually exploitable is still a pretty major concern for anybody who has systems running longer than a few days at a time.

      • tmpodOPA
        link
        fedilink
        arrow-up
        3
        ·
        4 months ago

        True, an RCE is always a serious thing. Just saying it’s not exactly catastrophic like others have been more so.

      • whereisk@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        4 months ago

        I can’t imagine any system of influence running an exposed ssh without some further protection from connection abuse like fail2ban.