<div dir="ltr">Attention all:<br><br>Qualys released a report on a critical vulnerability in OpenSSH dubbed <b><i>regreSSHion</i></b>.<br><br>In summary, certain versions of OpenSSH with a specific configuration can be exploited remotely to gain root access on the affected device.<br><br>Generally speaking, OpenSSH versions < 4.4p1 and >= 8.5p1 are vulnerable. However, certain Linux distributions may not have a default configuration that allows this vulnerability to be exploited.<br><br>While not inclusive of all Linux distributions, the following links provide guidance for RHEL and Ubuntu. <br><br>RHEL guidance - <a href="https://access.redhat.com/security/cve/cve-2024-6387">https://access.redhat.com/security/cve/cve-2024-6387</a><br>Ubuntu guidance - <a href="https://ubuntu.com/security/CVE-2024-6387">https://ubuntu.com/security/CVE-2024-6387</a><br><br>UCR ITS does not impose a campus-wide block on inbound traffic to port 22 (common port for SSH servers) at this time. <b>Thus, we are asking all CITL partners to review their inventory and implement patching as necessary as soon as possible. </b><br><br>If there are any questions regarding this notice, please reach out to <a href="mailto:infosecoffice@ucr.edu">infosecoffice@ucr.edu</a>.<br><br>Thank you.<br><br>ref. <a href="https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server">https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server</a> (Qualys article)<br><br clear="all"><div><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div style="border:0px;font-stretch:inherit;font-size:16px;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:rgb(0,0,0)"><font face="monospace"><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">---</span><br><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">Jonathan Ocab | </span><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit"><a href="mailto:jonathan.ocab@ucr.edu" rel="noopener noreferrer" style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:inherit;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline" target="_blank">jonathan.ocab@ucr.edu</a></span></font></div><div style="border:0px;font-stretch:inherit;font-size:16px;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:rgb(0,0,0)"><font face="monospace"><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">Manager, Information Security Operations</span><br><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">Information Security Office</span><br><span style="border:0px;font-style:inherit;font-variant:inherit;font-weight:inherit;font-stretch:inherit;font-size:10pt;line-height:inherit;margin:0px;padding:0px;vertical-align:baseline;color:inherit">University of California, Riverside</span></font></div></div></div></div></div>