- Community Home
- >
- Software
- >
- HPE OneView
- >
- HPE Oneview & CVE-2024-6387
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-04-2024 03:39 AM - last edited on 07-10-2024 11:17 PM by support_s
07-04-2024 03:39 AM - last edited on 07-10-2024 11:17 PM by support_s
Hi,
How
Assigner: Red Hat, Inc.
Title: Openssh: Possible Remote Code Execution Due To A Race Condition In Signal Handling
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead to sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
----------------------
Solved! Go to Solution.
- Tags:
- OneView
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-08-2024 11:44 PM
07-08-2024 11:44 PM
SolutionHello,
HPE is aware of CVE-2024-6387 (a.k.a. "regreSSHion"), a signal handling vulnerability in OpenSSH. Most HPE products are not vulnerable to this issue. However, for any affected products, security bulletins will be issued when fixes become available.
https://support.hpe.com/hpesc/public/docDisplay?docId=sd00001284en_us&page=GUID-D9A5A789-A7C0-4250-93FF-04D4FBD2E5A8.html&docLocale=en_US
Thanks.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-09-2024 07:47 AM
07-09-2024 07:47 AM
Re: HPE Oneview & CVE-2024-6387
HPE OneView does not use any of the vulnerable versions. As posted, monitor the official security bulletin status.
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]