id: CVE-2024-6409
info:
name: CVE-2024-6409
author: Redflare Cyber
severity: high
description: Race Condition in OpenSSH versions 8.7 and 8.8, allows for potential remote code execution (RCE) due to a race condition in signal handling within the privilege separation (privsep) child process.
classification:
cve-id: CVE-2024-6409
metadata:
max-request: 2
vendor: OpenSSH
shodan: product:"OpenSSH" version:"8.7p1,8.8p1"
product: OpenSSH
tags: cve,cve2024,regression,openssh,ssh
tcp:
- host:
- '{{Hostname}}'
- '{{Host}}:22'
inputs:
- data: "SSH-2.0-OpenSSH_9.0\r\n"
matchers:
- type: regex
part: body
regex:
- 'OpenSSH_(8\.7p1|8\.8p1)'
- type: status
status:
- 200