oki but what about private 'sploitz usualy there is no public information s
about it but machines are hacked from unknown reasons, what is with that ..
Does anybody hear about new sploit for apache al versions < 1.3.22 ??????
there are some bugs in mod_php and by the apache attacker getting root shell
on your machine ?? it not just story it s reality cause i have seen these
hacked server s last days with that sploit .. also that is private sploit
and nobody on apache web site or other security sites does not discus yet
about that .
One thing is sure : nothing is not sure in fact .
----- Original Message -----
From: "andre@do"
Muhic Mirza wrote:
Hm , i am find same problem , on the suse site i did not can find rpm s of newset version openssh :) as i have to se it is 3.0p2 version bacause all off previus versions are vurneable . Finaly i am find there rpm. on some site , rpmfind.net but i cant install it on suse 7.0 7.1 7.3 , al these version s i am try :) rpm progres show s that is everything installed ok but there s no ssh services on my machine. so finaly i am downloaded source code , openssh 3.op2. requires openssl already installed :)
From the security reasons it is strongly recomended to use latest version
openssh-2.9.9p2-74 is available from suse or mirrors. it isn't vulnerable to any known 'sploit - imho the guys in the security team is fantastic. (thanks guys)
hth
andre
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com