#openssh

c47@fr.nixre.net

#FreeBSD #Security #vulnerability #ssh #OpenSSH


Dervishe the Grey - 2024-08-12 07:26:44 GMT

🚨 Update your FreeBSD machine asap
"The vulnerability poses a significant risk as it allows unauthenticated remote code execution, potentially leading to full system compromise. Attackers exploiting this flaw can gain root access, install backdoors, exfiltrate data, or deploy malware."
https://cybersecuritynews.com/openssh-vulnerability-freebsd/

lapinbilly@diaspora.lapinbilly.eu

Service outage

An #openssh security patch on #FreeBSD is pending on the popeye server. I will proceed to server and jails upgrades later in the evening.


The following services will be unavailable for a while:


#podmin #freebsd #security

bkoehn@diaspora.koehn.com

Based on searches using Censys and Shodan, we have identified over 14 million potentially vulnerable #OpenSSH server instances exposed to the Internet. Anonymized data from Qualys CSAM 3.0 with External Attack Surface Management data reveals that approximately 700,000 external internet-facing instances are vulnerable. This accounts for 31% of all internet-facing instances with OpenSSH in our global customer base. Interestingly, over 0.14% of vulnerable internet-facing instances with OpenSSH service have an End-Of-Life/End-Of-Support version of OpenSSH running.

…The vulnerability, which is a signal handler race condition in OpenSSH's server (#sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based #Linux systems.

In our #security analysis, we identified that this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006.

https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server

lapinbilly@diaspora.lapinbilly.eu

A set of FreeBSD patches is pending on the popeye server.

I will proceed to server and jails upgrades during the day tomorrow, on Wednesday 20.

The following services will be unavailable for a while:


#podmin #freebsd #security #openssh