05 June 2024 IBM i Security Alert: critical risk to OpenSSH (13/11/2023)

Hello very bad news today, following the publication of a major security alert with a CVSS index of 9.8. As a reminder, the CVSS index (Common Vulnerability Scoring System) is a system used to calculate a score evaluating the criticality of a vulnerability. This system ranges from 0, an almost zero risk, to 10, a critical risk.
This critical flaw comes from the OpenSSH open source tool. It could allow a remote attacker to execute arbitrary commands on the system due to incorrect shell metacharacter validation. By sending a specially crafted request using expansion tokens, an attacker could exploit this vulnerability to execute arbitrary commands on the system. This vulnerability is very dangerous and gayte.it strongly advises you to apply the following PTF patch, which can be found here: https: //lnkd.in/gcWY2V5m

Posted in

Latest news

Alert

IBM i Security Alert: Ethernet recovery for certain IBM i adapters (12/03/2025)

12 March 2025
Read more
Alert

IBM i Security Alert: Database bypass denial of service (12/02/2025)

25 February 2025
Read more
Alert

IBM i Security Alert: Privilege elevation (02/25/2025)

25 February 2025
Read more
Alert

IBM i Security Alert: Vulnerabilities in the Java SDK (11/02/2025)

11 February 2025
Read more
Alert

IBM i Security Alert: RDi XStream (27/01/2025)

27 January 2025
Read more
Alert

IBM i Security Alert: IBM PowerHA SystemMirror (13/01/2025)

13 January 2025
Read more
Alert

IBM i Security Alert: 2 critical vulnerabilities in Rational Developer for i (RDi)!(10/12/2024)

10 December 2024
Read more
Alert

IBM i Security Alert: 4 vulnerabilities in the IBM HTTP Server! (09/12/2024)

09 December 2024
Read more