[rwth-security] SSH ProxyCommand == unexpected code execution (CVE-2023-51385)

24 Jan 2024


      Hallo zusammen,
sofern nicht selber schon gesehen/-lesen hier [0] FYI
"SSH ProxyCommand == unexpected code execution (CVE-2023-51385)"
--> bereist vom 17.12.2023
--> Infos von RedHat [1]
--> Infos von Debian [2]
--> Infos von Ubuntu [3]
--> PoC [4]
VG
Bernd
[0]
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-ex...
[1]
https://access.redhat.com/security/cve/cve-2023-51385
[2]
https://security-tracker.debian.org/tracker/CVE-2023-51385
[3]
https://ubuntu.com/security/notices/USN-6565-1
[4]
https://github.com/Le1a/CVE-2023-51385
-- 

Bernd Kohler

IT Center
Abteilung: Netze
RWTH Aachen University
Wendlingweg 10
52074 Aachen
Tel: +49 241 80-29793
Fax: +49 241 80-22666
kohler@itc.rwth-aachen.de
https://www.itc.rwth-aachen.de

Social Media Kanäle des IT Centers:
https://blog.rwth-aachen.de/itc/
https://www.facebook.com/itcenterrwth
https://www.linkedin.com/company/itcenterrwth
https://twitter.com/ITCenterRWTH
https://www.youtube.com/channel/UCKKDJJukeRwO0LP-ac8x8rQ

2024

2023

2022

2021

2020

2019

2018

[rwth-security] SSH ProxyCommand == unexpected code execution (CVE-2023-51385)