Forum: Digital Distortion

sslh exploit CVE-2022-4639

From BIG Umberto@3:770/3 to All on Tue Aug 22 20:35:43 2023

CVE-2022-4639

Description:
https://vuldb.com/?id.216497
https://nvd.nist.gov/vuln/detail/CVE-2022-4639

Patch:
https://github.com/yrutschle/sslh https://github.com/yrutschle/sslh/commit/b19f8a6046b080e4c2e28354a58556bb26040c6f

Anyone know how patch version of sslh present into the Raspbian 10.13 (buster) on a PI3 ?

Thank.

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

From Richard Kettlewell@3:770/3 to BIG Umberto on Wed Aug 23 09:07:33 2023

"BIG Umberto" <user@2130706432.invalid> writes:

CVE-2022-4639

Description:
https://vuldb.com/?id.216497
https://nvd.nist.gov/vuln/detail/CVE-2022-4639

Patch:
https://github.com/yrutschle/sslh https://github.com/yrutschle/sslh/commit/b19f8a6046b080e4c2e28354a58556bb26040c6f

Anyone know how patch version of sslh present into the Raspbian 10.13 (buster) on a PI3 ?

https://lists.rutschle.net/mailman/archives/sslh/2022-December/000753.html suggests only v.20-rc1 is impacted.

--
https://www.greenend.org.uk/rjk/

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

From BIG Umberto@3:770/3 to Richard Kettlewell on Wed Aug 23 10:49:15 2023

In date: Wed, 23 Aug 2023 10:07:33 on group: comp.sys.raspberry-pi,
Richard Kettlewell wrote:

"BIG Umberto" <user@2130706432.invalid> writes:

CVE-2022-4639

https://lists.rutschle.net/mailman/archives/sslh/2022-December/000753.html suggests only v.20-rc1 is impacted.

Ok. Thank!

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

From Brian Gregory@3:770/3 to BIG Umberto on Thu Aug 24 23:16:40 2023

On 22/08/2023 21:35, BIG Umberto wrote:

CVE-2022-4639

Description:
https://vuldb.com/?id.216497
https://nvd.nist.gov/vuln/detail/CVE-2022-4639

Patch:
https://github.com/yrutschle/sslh https://github.com/yrutschle/sslh/commit/b19f8a6046b080e4c2e28354a58556bb26040c6f

Anyone know how patch version of sslh present into the Raspbian 10.13 (buster) on a PI3 ?

You'd have to build it from the patched source code.

--
Brian Gregory (in England).

--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)

Web-based telnet client

Other Links
What is a BBS?
Doors installed on this BBS
Digital Distortion Doors & Tools
Door stats
Trivia scores
Message networks
Terminal software
Synchronet archiver setup
Ready.gov anti-terrorist guidelines as of 2003

Other services
Telnet
RLogin
IRC
Email & news access

Feel free to send me an email.

BBS UPS stats
Who's Online

System Info

Sysop:	Eric Oulashin
Location:	Beaverton, Oregon, USA
Users:	105
Nodes:	16 (0 / 16)
Uptime:	18:50:02
Calls:	5,914
Calls today:	6
Files:	8,496
D/L today:	166 files (63,870K bytes)
Messages:	344,522
Posted today:	5