This repository contains a Python script designed to help network administrators scan and secure SSH configurations against the CVE-2024-6387 vulnerability found in OpenSSH's signal handling mechanism. This vulnerability, if exploited, can allow unauthorized access or denial of service attacks due to race conditions during authentication timeouts.
CVE-2024-6387 is a race condition in OpenSSH that can be triggered when a client fails to authenticate within the `LoginGraceTime` period.
This script helps identify and mitigate that risk by adjusting server configurations and checking that systems are updated and secure.
- SSH Configuration Scanning: Automatically scans the SSH configurations of network hosts.
- LoginGraceTime Adjustment: Suggests or makes adjustments to the `LoginGraceTime` parameter to secure SSH servers.
- Reporting: Generates a detailed report of the current SSH configurations and any changes applied.
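The `LoginGraceTime` check described above, as an added example that is not this repository's script: a standard-library routine that reads `sshd_config` text and reports the effective global value, following sshd's first-value-wins rule and its 120-second default. The report fields, host names and sample configurations are constructed for illustration, and `Include` files and `Match` blocks are not followed.

```python
import re

DEFAULT_GRACE = 120  # sshd default (seconds) when LoginGraceTime is not set
UNITS = {"": 1, "s": 1, "m": 60, "h": 3600, "d": 86400, "w": 604800}

def parse_time(value):
    """Convert an sshd_config time value ("90", "2m", "1h30m") to seconds."""
    value = value.lower()
    parts = re.findall(r"(\d+)([smhdw]?)", value)
    if not parts or "".join(n + u for n, u in parts) != value:
        raise ValueError(f"invalid time value: {value!r}")
    return sum(int(n) * UNITS[u] for n, u in parts)

def effective_grace_time(config_text):
    """Return (seconds, line_number); line_number is None when the default applies."""
    for number, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = fields[0].lower()          # keywords are case-insensitive
        if keyword == "match":
            break                            # only the global section is read here
        args = fields[1].split() if len(fields) == 2 else []
        if keyword == "logingracetime" and args:
            return parse_time(args[0]), number   # sshd uses the first value it reads
    return DEFAULT_GRACE, None

def assess(host, config_text):
    """Build one report row for a host (hypothetical report format)."""
    seconds, line = effective_grace_time(config_text)
    status = "timer-disabled" if seconds == 0 else "timer-active"
    source = f"line {line}" if line else "default"
    return {"host": host, "seconds": seconds, "source": source, "status": status}

# Constructed sample configurations; the host names are placeholders.
SAMPLES = {
    "host-a": "# hardened\nPort 22\nLoginGraceTime 0\nLoginGraceTime 2m\n",
    "host-b": "Port 22\n#LoginGraceTime 0\nPermitRootLogin no\n",
    "host-c": "logingracetime=1h30m\nMatch User backup\n  X11Forwarding no\n",
}

if __name__ == "__main__":
    for name, text in SAMPLES.items():
        print(assess(name, text))
```

A value of 0 removes the authentication timeout but lets unauthenticated connections hold `MaxStartups` slots indefinitely, so treat `timer-disabled` as a stopgap until the host runs a patched OpenSSH build.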
Before running this script, ensure you have the following:
- Python 3.6 or higher
- Paramiko library installed (`pip install paramiko`)
Clone this repository to your local machine:
    git clone https://github.com/grupooruss/CVE-2024-6387-Tester.git
    cd CVE-2024-6387-Tester
To run the script, execute the following command in your terminal:
    python3 CVE-2024-6387.py
Make sure to modify the script with appropriate credentials and IP addresses of the servers you intend to scan.
This project is licensed under the MIT License - see the LICENSE.md file for details.
Contact
For any inquiries or contributions, please contact www.grupooruss.com or open an issue in this repository.
Thanks to all contributors who have helped in identifying and mitigating this vulnerability:
https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server
Special thanks to cybersecurity researchers and network administrators dedicated to improving network security.