Pulse Detail — Threat Intelligence

PULSE NAME

CVE-2023-48795 | Ubuntu

WHITE bd.taylor 2023-12-22 Modified: 2023-12-22

IOCs

HIGH VOLUME

The latest security updates for the OpenSSH operating system, following the release of the proftpd-dfsg package and a number of putty fixes, are being published on the Ubuntu website.

MITRE ATT&CK & Malware Families

ATT&CK TECHNIQUES

T1098.004 T1212

Indicators of Compromise (51)

All CVE FileHash-SHA1 URL domain email hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
CVE	CVE-2023-48795	—	2023-12-22
FileHash-SHA1	0870c8db28be9eb457ee3d4f9a168959d9507efd	—	2023-12-22
FileHash-SHA1	0b00e4ce26d89cd010e31e66fd02ac77cb982367	—	2023-12-22
FileHash-SHA1	0bc73254f41acb140187e0c89606311f88de5b7b	—	2023-12-22
FileHash-SHA1	1edb00c58f8a6875fad6a497aa2bacf37f9e6cd5	—	2023-12-22
FileHash-SHA1	244be5412728a7334a2d457fbac4e0a2597165e5	—	2023-12-22
FileHash-SHA1	4cef5e965a46e9271aed62631b152e4bd23c1e3c	—	2023-12-22
FileHash-SHA1	5846e57538c750c5ce67df887d09fa99861c79c6	—	2023-12-22
FileHash-SHA1	58fc33a155ad496bdcf380fa6193302240a15ae9	—	2023-12-22
FileHash-SHA1	6e43be5c7b99dbee49dc72b6f989f29fdd7e9356	—	2023-12-22
FileHash-SHA1	89df759200d31fc79fbbe213d8eda0d329eebf6d	—	2023-12-22
FileHash-SHA1	9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d	—	2023-12-22
FileHash-SHA1	9e099151574885f3c717ac10a633a9218db8e7bb	—	2023-12-22
FileHash-SHA1	9fcbb86f715bc03e58921482efe663aa0c662d62	—	2023-12-22
FileHash-SHA1	b80a41d386dbfa1b095c17bd2ed001477f302d46	—	2023-12-22
FileHash-SHA1	f2e7086902b3605c96e54ef9c956ca7ab000010e	—	2023-12-22
FileHash-SHA1	fdc891d17063ab26cf68c74245ab1fd9771556cb	—	2023-12-22
URL	https://terrapin-attack.com/	—	2023-12-22
domain	terrapin-attack.com	—	2023-12-22
CVE	CVE-2023-28531	—	2023-12-22
FileHash-SHA1	54ac4ab2b53ce9fcb66b8250dee91c070e4167ed	—	2023-12-22
FileHash-SHA1	0a7ea9b0ba9fcdf368374a226370d08f10397d99	—	2023-12-22
FileHash-SHA1	10e09e273f69e149389b3e0e5d44b8c221c2e7f6	—	2023-12-22
FileHash-SHA1	17657c36cce6df7716d5ff151ec09a665382d5dd	—	2023-12-22
FileHash-SHA1	2e65064a52d73396bfc3806c9196fc8108f33cd8	—	2023-12-22
FileHash-SHA1	5c8b534f6e97db7ac0e0e579331213aa25c173ab	—	2023-12-22
FileHash-SHA1	7279fbd6ef4d0c8bdd6a90af4ada2899d786eec0	—	2023-12-22
FileHash-SHA1	8e972c5e94b460379fe0c7d20209c16df81538a5	—	2023-12-22
FileHash-SHA1	97b223f8891b96d6fc054df5ab1d5a1a545da2a3	—	2023-12-22
FileHash-SHA1	d1b43dc0f1361d2ad67601169e90a7fc50bb0369	—	2023-12-22
FileHash-SHA1	d21e7a2e47e9b38f709bec58e3fa711f759ad0e1	—	2023-12-22
URL	https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.10&id=10e09e273f69e149389b3e0e5d44b8c221c2e7f6	—	2023-12-22
URL	https://jadaptive.com/important-java-ssh-security-update-new-ssh-vulnerability-discovered-cve-2023-48795/	—	2023-12-22
URL	https://matt.ucc.asn.au/dropbear/CHANGES	—	2023-12-22
URL	https://nest.pijul.com/pijul/thrussh/changes/D6H7OWTTMHHX6BTB3B6MNBOBX2L66CBL4LGSEUSAI2MCRCJDQFRQC	—	2023-12-22
URL	https://oryx-embedded.com/download/#changelog	—	2023-12-22
URL	https://thorntech.com/cve-2023-48795-and-sftp-gateway/	—	2023-12-22
URL	https://www.crushftp.com/crush10wiki/Wiki.jsp?page=Update	—	2023-12-22
URL	https://www.paramiko.org/changelog.html	—	2023-12-22
URL	https://www.terrapin-attack.com	—	2023-12-22
domain	jadaptive.com	—	2023-12-22
domain	oryx-embedded.com	—	2023-12-22
domain	thorntech.com	—	2023-12-22
email	-etm@openssh.com	—	2023-12-22
email	chacha20-poly1305@openssh.com	—	2023-12-22
hostname	git.libssh.org	—	2023-12-22
hostname	matt.ucc.asn.au	—	2023-12-22
hostname	nest.pijul.com	—	2023-12-22
hostname	www.crushftp.com	—	2023-12-22
hostname	www.paramiko.org	—	2023-12-22
hostname	www.terrapin-attack.com	—	2023-12-22

References (3)

↗ https://ubuntu.com/security/CVE-2023-48795 ↗ https://ubuntu.com/security/notices/USN-6560-1 ↗ https://ubuntu.com/security/CVE-2023-28531