Versions (2)
Version DetailsCurrent
Rev: 1 • Jul 9, 2024, 12:00 PMET INFO Server Responded with Vulnerable OpenSSH Version (CVE-2024-6409)
alert ssh any any -> [$HOME_NET,$HTTP_SERVERS] any (msg:"ET INFO Server Responded with Vulnerable OpenSSH Version (CVE-2024-6409)"; flow:established,to_client; content:"SSH-"; startswith; content:"-OpenSSH_"; fast_pattern; pcre:"/^8\.[78](?:p\d)?/R"; reference:cve,2024-6409; classtype:successful-recon-largescale; sid:2054407; rev:1; metadata:affected_product OpenSSH, attack_target Server, created_at 2024_07_09, cve CVE_2024_6409, deployment Perimeter, deployment Internal, performance_impact Moderate, confidence High, signature_severity Informational, tag Exploit, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_07_09;)
Jul 9, 2024, 12:00 PM
Jul 9, 2024, 12:00 PM
Jul 10, 2024, 12:01 AM
Aug 11, 2025, 10:35 PM
rules/emerging-info.rules