
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
2023-07-24 09:10

Details have emerged about a now-patched flaw in OpenSSH that, under specific conditions, could be exploited by an attacker on a server to which a user's ssh-agent has been forwarded to run arbitrary commands on that user's system.

"This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.

It impacts all versions of OpenSSH before 9.3p2. OpenSSH is a popular connectivity tool for remote login with the SSH protocol that's used for encrypting all traffic to eliminate eavesdropping, connection hijacking, and other attacks.

ssh-agent is a background program that holds a user's private keys in memory and performs signing operations on their behalf, so the passphrase does not have to be entered again for each login. With agent forwarding (ForwardAgent), a remote server the user logs into can reach that agent over the SSH connection, which is why an attacker who controls such a server is in a position to talk to the agent.

"While browsing through ssh-agent's source code, we noticed that a remote attacker, who has access to the remote server where Alice's ssh-agent is forwarded to, can load," Qualys explained.
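Two quick checks a practitioner would want after reading the above, as an added example that is not part of the original article or of the OpenSSH project: a parser for the `ssh -V` banner that flags builds older than 9.3p2 (the first release the article names as fixed), and an ssh_config scan for hosts that have agent forwarding enabled. The banner strings in the comments and the config text in the usage call are constructed sample inputs. The version check is only a heuristic, because distributions commonly backport fixes without bumping the upstream version string.

```shell
#!/bin/sh
# Added example, not code from the article or from OpenSSH.
# Heuristic checks for the ssh-agent forwarding issue fixed in 9.3p2.

# Extract "major minor patch" from an `ssh -V` banner such as
#   "OpenSSH_9.3p1, OpenSSL 3.0.9 30 May 2023"
#   "OpenSSH_8.9p1 Ubuntu-3ubuntu0.3, OpenSSL 3.0.2 15 Mar 2022"
# (both are constructed sample banners). Prints nothing if unparsable.
openssh_version_triplet() {
    printf '%s\n' "$1" |
        sed -n 's/^OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\)p\([0-9][0-9]*\).*/\1 \2 \3/p'
}

# Exit status 0 when the banner is older than 9.3p2, 1 when it is 9.3p2
# or newer, 2 when the banner could not be parsed. Distro backports may
# fix the bug without changing this string, so treat 0 as "investigate".
openssh_banner_before_9_3p2() {
    set -- $(openssh_version_triplet "$1")
    [ $# -eq 3 ] || return 2
    major=$1; minor=$2; patch=$3
    if [ "$major" -lt 9 ]; then return 0; fi
    if [ "$major" -eq 9 ] && [ "$minor" -lt 3 ]; then return 0; fi
    if [ "$major" -eq 9 ] && [ "$minor" -eq 3 ] && [ "$patch" -lt 2 ]; then return 0; fi
    return 1
}

# Read ssh_config text on stdin and print one line per scope that sets
# "ForwardAgent yes": "global" for settings before any Host block, or
# "Host <first pattern>" for a Host block. Those are the servers whose
# operators (or whoever compromises them) can reach the local agent.
forwarded_agent_hosts() {
    awk '
        tolower($1) == "host" { scope = "Host " $2; next }
        tolower($1) == "forwardagent" && tolower($2) == "yes" {
            print (scope == "" ? "global" : scope)
        }'
}

# Usage on the live system (prints nothing when ssh is absent):
if command -v ssh >/dev/null 2>&1; then
    banner=$(ssh -V 2>&1)
    if openssh_banner_before_9_3p2 "$banner"; then
        echo "older than 9.3p2: $banner"
    fi
    [ -r "$HOME/.ssh/config" ] && forwarded_agent_hosts < "$HOME/.ssh/config"
fi
```

Run it as-is to inspect the local client, or pipe any ssh_config into `forwarded_agent_hosts` to list the scopes where forwarding is on; `ssh -V` writes its banner to stderr, hence the `2>&1`.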

Earlier this year, in February, OpenSSH maintainers released an update to remediate a medium-severity security flaw that could be exploited by an unauthenticated remote attacker to modify unexpected memory locations and theoretically achieve code execution.


News URL

https://thehackernews.com/2023/07/new-openssh-vulnerability-exposes-linux.html
