Updated July 9, 2024
Qualys has discovered a remote unauthenticated code execution vulnerability in OpenSSH’s server, sshd, in glibc-based Linux systems. Because this vulnerability is a regression of the previously patched vulnerability CVE-2006-5051, which was reported in 2006, it is being referred to as regreSSHion. The vulnerability has been assigned the CVE identifier CVE-2024-6387 and concerns the OpenSSH module that is used by many networking products including NetScaler.
The vulnerability is a signal handler race condition in OpenSSH’s server (sshd) that allows unauthenticated remote code execution as root on glibc-based Linux systems. This race condition affects OpenSSH in its default configuration.
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems.
Update installation
NetScaler customers, including NetScaler Gateway users, are impacted by this vulnerability and should immediately install the recommend updates. Permanent fixes are available to download here:
Improved vulnerability management with NetScaler Console
If you use NetScaler Console (formerly NetScaler Application Delivery Management), this is an ideal time to explore the security features it provides. The Security Advisory and Upgrade Advisory features can help reduce your time to patch, which can be critical in the current threat landscape:
- Security Advisory protects your infrastructure by highlighting NetScaler ADCs with CVE exposure, scheduling on-demand vulnerability scans, and suggesting remediations.
- Upgrade Advisory helps you with the lifecycle management of NetScaler ADCs.
- File Integrity Monitoring ensures the integrity of the files on NetScalers ADCs by determining if changes have been made to your NetScaler build files.
Jaskirat Singh Chauhan is a principal product manager at NetScaler