openssh privileged escalation vuln
I ran a PCI scan on a cPanel server that I'm managing. One of the failed results showed this:
Does cPanel have a patch or an update to version 8.8 ?
Thanks!
-----------------------------
OpenSSH Privilege Escalation Vulnerability
THREAT: OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the SSH protocol.
Affected Versions: OpenSSH 6.2 through 8.7
QID Detection Logic: This unauthenticated detection works by reviewing the version of the OpenSSH service.
IMPACT: Attack may lead to privilege escalation due to supplemental groups not initialized.
SOLUTION:
Customers are advised to upgrade to OpenSSH 8.8
Assuming this is a RedHat/CentOS system, lots of the CVEs are backported in, but the version is not updated. Try this to check: rpm -q --changelog openssh | egrep CVE-2021-41617
It should be patched, but there is not much that cPanel can do, as OpenSSH is an OS-provided package, not a cPanel-provided one.
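The two checks discussed above, as an added example that is not part of the thread: a version-only test of the kind the scanner does, beside the changelog search from the reply, run offline against a constructed changelog sample (the packager name and dates are made up).

```shell
#!/bin/sh
# Scanner-style check: is the reported OpenSSH version inside the affected
# range 6.2 through 8.7? Compares version numbers only, so it cannot see
# a distribution backport. Accepts strings such as "8.0p1".
version_affected() {
    v=$1
    major=${v%%.*}
    rest=${v#*.}
    minor=${rest%%[!0-9]*}        # drop suffixes like p1
    num=$((major * 100 + minor))
    if [ "$num" -ge 602 ] && [ "$num" -le 807 ]; then
        echo affected
    else
        echo not-affected
    fi
}

# Backport check from the reply: look for the CVE id in the package changelog.
# $1 is the changelog text, $2 the CVE id to search for.
changelog_has_cve() {
    if printf '%s\n' "$1" | grep -q "$2"; then
        echo patched
    else
        echo unpatched
    fi
}

# Combine both: a version-only scanner flags the package, the changelog
# decides whether that finding is real.
assess() {
    ver=$1; log=$2
    case "$(version_affected "$ver")/$(changelog_has_cve "$log" CVE-2021-41617)" in
        affected/unpatched) echo "vulnerable: upgrade or apply vendor update" ;;
        affected/patched)   echo "false positive: fix backported in package changelog" ;;
        *)                  echo "not affected by version" ;;
    esac
}

# Constructed sample of `rpm -q --changelog openssh` output on a patched
# EL8 box: the version stays 8.0p1, but the fix is recorded in the changelog.
SAMPLE_CHANGELOG='* Wed Oct 20 2021 Example Packager <packager@example.invalid> - 8.0p1-10
- fix for CVE-2021-41617: initialise supplemental groups before running
  AuthorizedKeysCommand / AuthorizedPrincipalsCommand as another user
* Mon Mar 01 2021 Example Packager <packager@example.invalid> - 8.0p1-6
- unrelated packaging change'

# On a live EL system feed the real package data instead (not run here):
#   assess "$(rpm -q --qf '%{VERSION}' openssh)" "$(rpm -q --changelog openssh)"
assess "8.0p1" "$SAMPLE_CHANGELOG"   # prints: false positive: fix backported in package changelog
```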
You're right, it is patched! Thanks for your input, appreciate it!
Thanks @ffeingol - @vpswing, that's usually how the system gets updated. I'll also add that it's important to *never* try and update openssh or openssl on a server to anything outside of what is available in Yum, as that will cause stability issues for the system.