New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions.

“This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent,” Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.

It impacts all versions of OpenSSH before 9.3p2. OpenSSH is a popular connectivity tool for remote login with the SSH protocol that’s used for encrypting all traffic to eliminate eavesdropping, connection hijacking, and other attacks.

SSH agent is a background program that maintains users’ keys in memory and facilitates remote logins to a server without having to enter their passphrase again.

“While browsing through ssh-agent’s source code, we noticed that a remote attacker, who has access to the remote server where Alice’s ssh-agent is forwarded to, can load,” Qualys explained.

Earlier this February, OpenSSH maintainers released an update to remediate a medium-severity security flaw that could be exploited by an unauthenticated remote attacker to modify unexpected memory locations and theoretically achieve code execution.

Share this article on social media:

Subscribe to Our Newsletter!

Stay on top of cybersecurity risks, evolving threats and industry news.

This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

BOOK A MEETING

Provide your contact details

This field is for validation purposes and should be left unchanged.

* Aucun fournisseur de courriel personnel permis (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.