PowerShell / Win32-OpenSSH

Win32 port of OpenSSH

Please confirm which versions (if any) are vulnerable to CVE-2024-6387 #2249

Open camerondm9 opened 4 days ago

camerondm9 commented 4 days ago

Request for information

CVE-2024-6387 (stylized as regreSSHion) is a Remote Unauthenticated Code Execution vulnerability in sshd in glibc-based Linux systems, discovered by Qualys.

What I want to know: Is OpenSSH for Windows vulnerable?

I don't see any changes that line up with Qualys's disclosure timeline, and the version number that I get when I do a fresh install via Add-WindowsCapability -Online -Name OpenSSH.Server~~~~0.0.1.0 is 8.6.0.1 (which falls within the vulnerable range, according to what I'm seeing).
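An added inventory script (not from the issue thread or the Win32-OpenSSH project) for answering the version question above across Windows hosts. It assumes the in-box sshd.exe lives under $env:SystemRoot\System32\OpenSSH, that `ssh -V` prints a banner like "OpenSSH_for_Windows_8.6p1, LibreSSL 3.4.3", and that Get-WindowsCapability is run from an elevated prompt; the range it tests is only the upstream affected range from the Qualys advisory (8.5p1 up to, but not including, 9.8p1).

```powershell
# Added example: report the installed Windows OpenSSH server version and
# whether it overlaps the upstream CVE-2024-6387 affected range.
# Assumption: the "ssh -V" banner format and the sshd.exe path below.

function Get-Win32OpenSshVersion {
    # Prefer the ssh -V banner (printed on stderr), since the upstream
    # advisory is keyed on the OpenSSH release number, not the file version.
    if (Get-Command ssh.exe -ErrorAction SilentlyContinue) {
        $banner = & ssh.exe -V 2>&1 | Out-String
        if ($banner -match 'OpenSSH(?:_for_Windows)?_(\d+)\.(\d+)') {
            return [version]::new([int]$Matches[1], [int]$Matches[2])
        }
    }
    # Fall back to the file version stamped on sshd.exe (e.g. 8.6.0.1).
    $sshd = Join-Path $env:SystemRoot 'System32\OpenSSH\sshd.exe'
    if (Test-Path $sshd) {
        $fv = (Get-Item $sshd).VersionInfo
        return [version]::new($fv.FileMajorPart, $fv.FileMinorPart)
    }
    return $null
}

function Test-InUpstreamAffectedRange {
    param([Parameter(Mandatory)][version]$Version)
    # Upstream range per Qualys: 8.5p1 <= version < 9.8p1.
    return ($Version -ge [version]'8.5' -and $Version -lt [version]'9.8')
}

# Capability state (Installed / NotPresent); needs an elevated session.
$cap = Get-WindowsCapability -Online -ErrorAction SilentlyContinue |
       Where-Object Name -like 'OpenSSH.Server*' | Select-Object -First 1
$ver = Get-Win32OpenSshVersion

[pscustomobject]@{
    ComputerName     = $env:COMPUTERNAME
    ServerCapability = if ($cap) { $cap.State } else { 'NotFound' }
    OpenSshVersion   = if ($ver) { $ver.ToString() } else { 'Unknown' }
    InUpstreamRange  = if ($ver) { Test-InUpstreamAffectedRange $ver } else { $null }
    SshdService      = (Get-Service sshd -ErrorAction SilentlyContinue).Status
}
```

InUpstreamRange only records overlap with the upstream release range; it says nothing about whether the Windows fork shares the affected code path, which is the open question in this thread.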

alex180500 commented 3 days ago

Is there any update? Why is ssh on Windows so behind...

ebenhoehdaniel commented 3 days ago

We have Windows Server 2019 and 2022 and need to know whether the OpenSSH feature is vulnerable, too. All very old SSH servers. Microsoft, have you forgotten your Secure Future Initiative (SFI)? https://www.microsoft.com/en-us/microsoft-cloud/resources/built-in-security

https://www.microsoft.com/en-us/security/blog/2024/05/03/security-above-all-else-expanding-microsofts-secure-future-initiative/

GossiTheDog commented 3 days ago

Confirming the latest Windows 11 release is vulnerable version:

foxt commented 3 days ago

https://www.qualys.com/regresshion-cve-2024-6387/

discovered this unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems.

Windows is neither Linux nor glibc-based, so I assume it's not relevant?

FrancoisSSC commented 3 days ago

Does this vulnerability affect macOS or Windows? While it is likely that the vulnerability exists in both macOS and Windows, its exploitability on these platforms remains uncertain. Further analysis is required to determine the specific impact.

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

GossiTheDog commented 3 days ago

https://www.qualys.com/regresshion-cve-2024-6387/

discovered this unauthenticated Remote Code Execution (RCE) vulnerability in OpenSSH’s server (sshd) in glibc-based Linux systems.

Windows is neither Linux nor glibc-based, so I assume it's not relevant?

FreeBSD is neither Linux nor glibc-based, but they patched it.

NoMoreFood commented 3 days ago

Based on my topical analysis and general knowledge of how signal handling is done in this fork, I do not believe this vulnerability is relevant to this fork.

Gautam-deepak commented 2 days ago

Is there any update on this? Please confirm.