savannah-hackers-public

Re: [Savannah-hackers-public] Working through ssh upgrade throughout


From: Jing Luo
Subject: Re: [Savannah-hackers-public] Working through ssh upgrade throughout
Date: Wed, 03 Jul 2024 11:20:45 +0900

On 2024-07-02 01:39, Bob Proulx wrote:
> Happy Monday Savannah!
>
> FYI: I am working through the ssh upgrades on the servers in order to
> mitigate the current news.
>
>     regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems
>     CVE-2024-6387
>     https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt

Bob, while you are at it, I think you might also want to check if sendmail on vcs systemd & frontend is vulnerable to this (below). sendmail (actually apt-listchanges??) sent an email to tell me that sendmail got a security update (which I think is ironic).

Btw, I got a "permission denied" trying to log in as svadm from mgt1 to vcs2. Got distracted and did not try other hosts.

------8<--------cut-here-------8<--------

sendmail (8.18.1-3) unstable; urgency=medium

  Sendmail was affected by SMTP smuggling (CVE-2023-51765).
  Remote attackers can use a published exploitation technique
  to inject e-mail messages with a spoofed MAIL FROM address,
  allowing bypass of an SPF protection mechanism.
  This occurs because sendmail supports some combination of
  <CR><LF><NUL>.
  .
  This particular injection vulnerability has been closed,
  unfortunately full closure needs to reject mail that
  contains NUL.
  .
  This is slightly non-conformant with RFC and could
  be opt-out by setting confREJECT_NUL to 'false'
  in sendmail.mc file.

-- Bastien Roucariès <rouca@debian.org> Sun, 12 May 2024 19:38:09 +0000

------8<--------cut-here-------8<--------


--
Jing Luo
About me: https://jing.rocks/about/
GPG Fingerprint: 4E09 8D19 00AA 3F72 1899 2614 09B3 316E 13A1 1EFC

Attachment: signature.asc
Description: OpenPGP digital signature
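
As an added illustration of the sendmail NEWS entry quoted in this message (not part of the original e-mail and not sendmail's own code): a Python sketch that audits one message's SMTP DATA payload for NUL bytes and, going slightly beyond the entry, for bare CR or LF framing. The function names, finding labels, reject policy and sample payloads are all constructed for this example.

```python
import re

# Finding names are hypothetical labels for this example, not sendmail's.
NUL, BARE_CR, BARE_LF, DOT_LINE = "nul-byte", "bare-cr", "bare-lf", "ambiguous-dot-line"

# A "." delimited only by CR/LF/NUL. In a dot-stuffed payload this never
# occurs with clean CRLF framing, so any hit is an end-of-data ambiguity.
_DOT = re.compile(rb"(?:^|[\r\n\x00])\.(?=[\r\n\x00])")

def audit_smtp_data(payload: bytes) -> list[tuple[str, int]]:
    """Return (finding, byte offset) pairs for one message's DATA payload:
    the bytes sent after DATA, up to but excluding <CR><LF>.<CR><LF>."""
    findings = []
    for i, b in enumerate(payload):
        if b == 0x00:
            findings.append((NUL, i))
        elif b == 0x0D and payload[i + 1:i + 2] != b"\n":
            findings.append((BARE_CR, i))
        elif b == 0x0A and payload[i - 1:i] != b"\r":
            findings.append((BARE_LF, i))
    findings += [(DOT_LINE, m.start()) for m in _DOT.finditer(payload)]
    return sorted(findings, key=lambda f: f[1])

def should_reject(payload: bytes, reject_nul: bool = True) -> bool:
    """Strict by default; reject_nul=False models opting out of NUL rejection
    (the role the NEWS entry gives confREJECT_NUL). Framing problems are
    always rejected in this sketch, which is this example's own policy."""
    kinds = {kind for kind, _ in audit_smtp_data(payload)}
    if not reject_nul:
        kinds.discard(NUL)
    return bool(kinds)

# Constructed sample payloads (not captured traffic).
CLEAN = b"Subject: hi\r\n\r\nbody\r\n..dot-stuffed line"
WITH_NUL = b"Subject: hi\r\n\r\nbo\x00dy"
ODD_FRAMING = b"Subject: hi\r\n\r\nbody\n.\r\nmore"

if __name__ == "__main__":
    for name, data in [("clean", CLEAN), ("nul", WITH_NUL), ("framing", ODD_FRAMING)]:
        print(name, should_reject(data), audit_smtp_data(data))
```
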

