SB2024071076 - SUSE update for openssh 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024071076

SB2024071076 - SUSE update for openssh

Published: July 10, 2024

Security Bulletin ID SB2024071076
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) OS Command Injection (CVE-ID: CVE-2023-51385)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper input validation when processing user names, if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. A remote attacker can execute arbitrary OS commands via an untrusted Git repository.


2) Information disclosure (CVE-ID: CVE-2024-39894)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due a logic error in ObscureKeystrokeTiming implementation within the ssh client. A local user with ability to passively observe SSH sessions can recover sensitive input, such as password for the su or sudo programs.


Remediation

Install update from vendor's website.

References