CVE-2024-6409 Race Condition in OpenSSH 8.7p1,8.8p1

Nuclei Template checks for potentially vulnerable instances

id: CVE-2024-6409

info:
  name: CVE-2024-6409
  author: Redflare Cyber
  severity: high
  description: Race Condition in OpenSSH versions 8.7 and 8.8, allows for potential remote code execution (RCE) due to a race condition in signal handling within the privilege separation (privsep) child process.
  classification:
    cve-id: CVE-2024-6409
  metadata:
    max-request: 2
    vendor: OpenSSH
    shodan: product:"OpenSSH" version:"8.7p1,8.8p1"
    product: OpenSSH
  tags: cve,cve2024,regression,openssh,ssh

tcp:
  - host:
      - '{{Hostname}}'
      - '{{Host}}:22'

    inputs:
      - data: "SSH-2.0-OpenSSH_9.0\r\n"

    matchers:
      - type: regex
        part: body
        regex:
          - 'OpenSSH_(8\.7p1|8\.8p1)'
      - type: status
        status:
          - 200

PreviousCVE-2024-34750 NextSymfony F#ck U

Last updated 2 months ago