CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Source

https://github.com/shamo0/CVE-2024-6387_PoC

Associated Vulnerability

Title:Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description:A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Description

Script for checking CVE-2024-6387 (regreSSHion)

Readme

# CVE-2024-6387 PoC

This Bash script is designed to check if a server is running a vulnerable version of OpenSSH based on its SSH banner. It verifies if the SSH port is open and examines the banner response to determine if it matches any known vulnerable versions.

## Usage

1. Clone the Repo
```
git clone https://github.com/shamo0/CVE-2024-6387_PoC
cd CVE-2024-6387_PoC
```

2. Run the script
```
check.sh <ip> [<ip> ...] [--port=<port>] [--timeout=<timeout>] [--file=<filename>]
```

### Output

- If the server is vulnerable, the script will print <ip>:<port> vulnerable (running SSH version).
- If the server is not vulnerable, it will print <ip>:<port> not vulnerable (running SSH version).
- If the SSH port is closed, it will print <ip>:<port> closed.

File Snapshot


 [4.0K]  /data/pocs/f5844ceb6c1da854ad4281d78aaf4c9f520c150a
├── [2.2K]  check.sh
└── [ 762]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!