New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systemsthehackernews.com/2024/07/new-openssh-vulnerability-could-lead-to.html
1643 sats \ 3 comments \ @C_Otto 1 Jul security
write
preview
related posts
253 sats \ 1 reply \ @ek 1 Jul freebie
The worst part about all these vulnerabilities must be that one gets numb to them:
Oh, another vulnerability? I hope I am not affected but I don't really care, lol.
I know, bad attitude but I think that's what most people think.
However, this has a CVSS score of 8.1 which definitely grabs my attention.
I really want to do posts about exploiting past CVEs so they are less abstract for people and they might care more about them.
For example, we had to exploit the Heartbleed vulnerability in a university lab and I was shocked how easy it was with the right tools, lol. That really brought home how severe it was.
reply
130 sats \ 0 replies \ @JesseJames 1 Jul
Bingo. That's why it is a smart idea to have ansible-update runbook running in cron daily across your fleet (no matter how big/small) to take care of these issues and discord alerts (or others) if something go south. Can't be reactive anymore, unfortunately a lot of companies like Big Banks still are... and that's the sad part. It's not like they can't afford it, they just not well organized and are not nimble to react quickly.
reply
10 sats \ 0 replies \ @zuspotirko 1 Jul
ssh seems to can't catch a break...
reply