CVE-2024-39894 OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry (e.g. for su and Sudo) because of an ObscureKeystrokeTiming logic error. Similarly other timing attacks against keystroke entry could occur.
ATT&CK techniques detected
T1056.001Keylogging
89%
“cve - 2024 - 39894 openssh 9. 5 through 9. 7 before 9. 8 sometimes allows timing attacks against echo - off password entry ( e. g. for su and sudo ) because of an obscurekeystroketiming logic error. similarly other timing attacks against keystroke entry could occur. you need to e…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Information published.