Showing only posts tagged openssh. Show all posts.

“RegreSSHion” vulnerability in OpenSSH gives attackers root on Linux

Source

Enlarge Researchers have warned of a critical vulnerability affecting the OpenSSH networking utility that can be exploited to give attackers complete control of Linux and Unix servers with no authentication required. The vulnerability, tracked as CVE-2024-6387, allows unauthenticated remote code execution with root system rights on Linux systems that …

Linux maintainers were infected for 2 years by SSH-dwelling backdoor with huge reach

Source

Enlarge (credit: BeeBright / Getty Images / iStockphoto ) Infrastructure used to maintain and distribute the Linux operating system kernel was infected for two years, starting in 2009, by sophisticated malware that managed to get a hold of one of the developers’ most closely guarded resources: the /etc/shadow files that stored …