Exploit for #VU93513 Race condition in OpenSSH

Vulnerability identifier: #VU93513

Vulnerability risk: High

CVSSv4.0: [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Amber]

CVE-ID: CVE-2024-6387

CWE-ID: CWE-362

Exploitation vector: Network

Exploits in database: 13

• January 20, 2025
  • CVE-2024-6387 (This is an altered PoC for d0rb/CVE-2024-6387. This takes glibc addresses and trys to exploit the CVE through them.) [Github]
• January 10, 2025
  • CVE-2024-6387_PoC [Github]
• December 19, 2024
  • test_for6387 [Github]
• November 22, 2024
  • regreSSHion-checker [Github]
• August 16, 2024
  • CVE-202406387_Check.py [Github]
• August 2, 2024
  • ssh_poc2024 (An exploit for CVE-2024-6387, targeting a signal handler race condition in OpenSSH's server ) [Github]
• July 26, 2024
  • CVE-2024-6387 [Github]
• July 19, 2024
  • CVE-2024-6387 [Github]
  • CVE-2024-6387 [Github]
• July 12, 2024
  • CVE-2024-6387 [Github]
• July 5, 2024
  • CVE-2024-6387-CHECK [Github]
  • cve-2024-6387-poc [Github]
  • CVE-2024-6387-PoC [Github]

Vulnerable software:
OpenSSH
Server applications / Remote management servers, RDP, SSH

Vendor: OpenSSH