OpenSSH Remote Code Execution Vulnerability
Release Date: 25 Jul 2023
RISK: Medium Risk
TYPE: Servers - Network Management
A vulnerability was identified in OpenSSH. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Note:
Exploitation requires the presence of specific libraries on the victim system.
Remote exploitation requires that the agent was forwarded to an attacker-controlled system.
Impact
- Remote Code Execution
System / Technologies affected
- Version prior to OpenSSH 9.3p2
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
The vendors have issued fixes:
https://www.openssh.com/txt/release-9.3p2
沒有留言:
發佈留言