New York, July 2, 2024
A security flaw was recently discovered in OpenSSH's server (sshd). OpenSSH is a version of the Secure Shell (SSH) protocol family of tools. Described as a signal handler race condition, it affects glibc-based Linux systems. CVE-2024-6387 (regreSSHion) is classified as critical as it allows for unauthenticated remote code execution (RCE) with root privileges, posing a threat to affected systems.
GNS takes all CVE notifications seriously. In this case, GNS is well placed to mitigate potential threats, having already implemented IP whitelisting on SSH connections, and blocking all others by default. All SSH / SFTP connections are continuously monitored and logged with repeated password failures blocked and reported to GNS' 24/7 staff.
In reference to this specific vulnerability, GNS has used our extensive Ansible toolset to apply the "LoginGraceTime 0" to all our SSH configurations, as recommended by the Qualys Security Advisory Team. All internet exposed hosts that GNS manages have mandatory weekly security updates applied, and when the distribution vendors release a validated patch, it will be implemented on these hosts.
For more information about GNS' security enabled managed and hosting services, please visit www.gnetsys.net.
This press release was published on 07.02.2024. For more information, please contact sales@gnetsys.net.