by @jakaba
28 Mar 2024

Exploring OpenSSH's Agent Forwarding RCE (CVE-2023-38408)

by @jakaba
28 Mar 2024

Exploring OpenSSH's Agent Forwarding RCE (CVE-2023-38408)

CVEs

9.8 Critical Severity

Apps

O
OpensshOpenbsd
3.0.1P1.*
4.1P1.*
4.0P1.*
2.9.9P2.*
3.7.1P1.*
3.6.1P1.*
3.2.3P1.*
3.0P1.*
3.8.1P1.*
3.2.2P1.*
7.9.*
8.4.*
8.7.*
7.4.*
8.2.*
9.1.*
8.1.*
6.7.*
7.6.*
6.0.*
8.8.*
7.9.*
8.4.*
8.7.*
7.7.*
8.9.*
6.6.*
9.3.*
8.2.*
7.3.*

Screenshots from the blog posts

images/club15awlnyp91hmv5geuaygd.jpgimages/club15awlnyp91hmv5geuaygd.jpg

Summary

The `ssh-agent` acts as a key manager for SSH authentication, facilitating agent forwarding to bypass the need to keep keys on remote hosts. NIST assigned the CVE identifier CVE-2023-38408 on July 19th in response to a critical vulnerability in OpenSSH's PKCS#11 feature prior to version 9.3p2.

Description

users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

64.3K

Social media links

Comments (0)