Conversation
AttackerKB
attackerkb
New assessment for topic: CVE-2024-6387
Topic description: "A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously ..."
"**TL;DR:** Neat! Doesn't sound like something that's going to be easily exploited or automated in pretty much any scenario, so I have little initial concern about widespread exploitation, or even exploitation at all ..."
Link: https://attackerkb.com/assessments/4449caee-544e-4984-ace6-4f5b53c0d2f2
Topic description: "A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously ..."
"**TL;DR:** Neat! Doesn't sound like something that's going to be easily exploited or automated in pretty much any scenario, so I have little initial concern about widespread exploitation, or even exploitation at all ..."
Link: https://attackerkb.com/assessments/4449caee-544e-4984-ace6-4f5b53c0d2f2
0
0
1