CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent \ stacker news ~tech

CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent blog.qualys.com/vulnerabilities-threat-research/2023/07/19/cve-2023-38408-remote-code-execution-in-opensshs-forwarded-ssh-agent

61 sats \ 1 comment \ @beorange 19 Jul 2023 tech

view all related items

0 sats \ 0 replies \ @orthzar 20 Jul 2023

a heap-based buffer overflow

Every time. When you write a security-critical program in a language which does not do bounds-checking at runtime by default (e.g. C), these sorts of problems are essentially unavoidable.