OpenSSH 8.2p1 - any known CVE ?

Off-topic Exploits
1

Hi,
Could anyone tell me if there is any known vuln for OpenSSH 8.2p1 or similar?
I often find this version and nmap tells me like 20 Exploits, but none of them is “real” or useful (without any target information like PW/User combo).

By exploit I mean RCE or similar. DoS is not interesting in any case.

I searched the Internet for hours, but couldn’t find anything useful.
Therefor I think, there is none.

It would be useful if someone could confirm this to me.
Or give me a hint or explication on how I should look at OpenSSH to find something. Perhaps I just think in a wrong way there.
Any tips for other search possibilities would be great also.

Any kind of information that could help finding it :slight_smile:

Thanks.

1 Like
2

have you found anything about it cuz now it is my turn ! HELP ME

3

you’re welcome: Vulnerabilities in OpenSSH 8.2p1 :wink:

but to be more serious:

  • read the changelog (for the version you’d like to “exploit”)
  • get source, configure && make it
  • make some coffee :slight_smile:
  • have fun with your gdb (or any other tool you’re familiar to work with for cases like this).

“nothing more - nothing less.”

hope that helps

1 Like