search

xaitax / CVE-2024-6387_Check

CVE-2024-6387_Check is a lightweight, efficient tool designed to identify servers running vulnerable versions of OpenSSH
GNU General Public License v3.0
381 stars 77 forks source link

Added exclusion list #10

Closed HemeraOne closed 1 week ago

HemeraOne commented 1 week ago

Added an exclusion list which can be extended whenever required.

Added ubuntu as initial commit as they have patched the CVE in this specific version:

https://launchpad.net/ubuntu/+source/openssh/1:8.9p1-3ubuntu0.10

fixes #4

Clovel commented 1 week ago

I'd add SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3 as Debian patched their's as well.

HemeraOne commented 1 week ago

I'd add SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3 as Debian patched their's as well.

Thanks! updated

Source: https://security-tracker.debian.org/tracker/CVE-2024-6387

Clovel commented 1 week ago

I found this link to the Ubuntu Notices that specifies more versions : https://ubuntu.com/security/notices/USN-6859-1

AkechiShiro commented 1 week ago

@xaitax Can this be merged then if there are more exclusion, a new PR will be added ?

xaitax commented 1 week ago

Merged and more than welcome to add more exclusions! Thank you guys @AkechiShiro @Clovel @HemeraOne