CVE-2024-6387 PoC — Openssh: regresshion - race condition in ssh allows rce/dos

Source

https://github.com/xiw1ll/CVE-2024-6387_Checker

Associated Vulnerability

Title:Openssh: regresshion - race condition in ssh allows rce/dos (CVE-2024-6387)
Description:A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

Description

Nuclei template to detect CVE-2024-6387. All latest patched versions are excluded.

Readme

# CVE-2024-6387_Checker
<img width="671" height="390" alt="image" src="https://github.com/user-attachments/assets/e9d935e9-6176-40ec-90df-243b69b3be46" />

## Excluded patched versions
* `SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10+`
* `SSH-2.0-OpenSSH_9.3p1 Ubuntu-1ubuntu3.6+`
* `SSH-2.0-OpenSSH_9.3p1 Ubuntu-3ubuntu3.6+`
* `SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.3+`
* `SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u3+`
* `SSH-2.0-OpenSSH_8.4p1 Debian-5+deb11u3+`
* `SSH-2.0-OpenSSH_9.7p1 Debian-7+`
* `SSH-2.0-OpenSSH_9.6 FreeBSD-20240701+`
* `SSH-2.0-OpenSSH_9.7 FreeBSD-20240701+`
* `SSH-2.0-OpenSSH_9.7_p1-r4` (Alpine)
* `SSH-2.0-OpenSSH_9.6_p1-r1` (Alpine)
* `SSH-2.0-OpenSSH_9.3_p2-r2` (Alpine)
* `SSH-2.0-OpenSSH_9.1_p1-r6` (Alpine)
* `SSH-2.0-OpenSSH_9.6p1-1.fc40.4+` (Fedora)

File Snapshot


 [4.0K]  /data/pocs/f998aaebf6e101eb92061f08db6421a0ce85ab6c
├── [2.2K]  CVE-2024-6387.yaml
└── [ 776]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!