Hi there,

I am using Suse 7.0 and openssh 2.1.1 release 19. Could somebody tell me why there is no new release for openssh at the suse updates patches bugfixes page? I heard about security problems with openssh 2.1.1! Is it right?

thx for any answer!

--
GMX - The communication platform on the Internet. http://www.gmx.net
Hello!

> I am using Suse 7.0 and openssh 2.1.1 release 19. Could somebody tell me why there is no new release for openssh at the suse updates patches bugfixes page? I heard about security problems with openssh 2.1.1!

I'm currently running "openssh-2.9.9p2-73" on my SuSE 7.0 system. As I followed the security announcements, this should be the newest version. You should definitely update as soon as possible as there have been problems with earlier versions. The newest rpm should be at ftp.gwdg.de/linux/suse/7.0_update/sec/openssh.rpm

I would also recommend checking the archive of suse-security-announce at lists.suse.com, specifically http://lists.suse.com/archive/suse-security-announce/2001-Dec/0001.html

HTH, Armin

--
Am Hasenberg 26              office: Institut für Atmosphärenphysik
D-18209 Bad Doberan          Schloss-Straße 6
Tel. 0160/4046859 (mobile)   D-18225 Kühlungsborn / GERMANY
Email: schoech@iap-kborn.de  Tel. +49-(0)38293-68-102
WWW: http://armins.cjb.net/  Fax. +49-(0)38293-68-50
Hello,

take a look at openssh.org; the newest ssh version is available there.

Ruediger
Hm, I have the same problem: on the SuSE site I could not find rpms of the newest version of openssh :) As far as I have seen it is the 3.0p2 version, because all of the previous versions are vulnerable. Finally I found an rpm on some site, rpmfind.net, but I can't install it on SuSE 7.0, 7.1 or 7.3; I tried all these versions :) The rpm progress shows that everything is installed OK, but there are no ssh services on my machine. So finally I downloaded the source code, openssh 3.0p2. It requires openssl already installed :)

For security reasons it is strongly recommended to use the latest version.

----- Original Message -----
From:
To:
Sent: Tuesday, February 05, 2002 9:27 PM
Subject: [suse-security] openssh

> Hi there,
>
> I am using Suse 7.0 and openssh 2.1.1 release 19. Could somebody tell me why there is no new release for openssh at the suse updates patches bugfixes page? I heard about security problems with openssh 2.1.1! Is it right?
>
> thx for any answer!
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@suse.com
> For additional commands, e-mail: suse-security-help@suse.com
Muhic Mirza wrote:

> Hm, I have the same problem: on the SuSE site I could not find rpms of the newest version of openssh :) As far as I have seen it is the 3.0p2 version, because all of the previous versions are vulnerable. Finally I found an rpm on some site, rpmfind.net, but I can't install it on SuSE 7.0, 7.1 or 7.3; I tried all these versions :) The rpm progress shows that everything is installed OK, but there are no ssh services on my machine. So finally I downloaded the source code, openssh 3.0p2. It requires openssl already installed :)
>
> For security reasons it is strongly recommended to use the latest version.

openssh-2.9.9p2-74 is available from suse or mirrors. it isn't vulnerable to any known 'sploit - imho the guys in the security team are fantastic. (thanks guys)

hth

andre
Hi!

> Hm, I have the same problem: on the SuSE site I could not find rpms of the newest version of openssh :) As far as I have seen it is the 3.0p2 version, because all of the previous versions are vulnerable. Finally I found an rpm on some site, rpmfind.net, but I can't install it on SuSE 7.0, 7.1 or 7.3; I tried all these versions :) The rpm progress shows that everything is installed OK, but there are no ssh services on my machine. So finally I downloaded the source code, openssh 3.0p2. It requires openssl already installed :)

For SuSE versions prior to 7.1, you find the OpenSSH rpms at ftp.suse.de, not ftp.suse.com! Please read the announcement by Roman from 6th December. You will find the right links to download the packages.

The SuSE package for OpenSSH 2.9.9p2-73 is not vulnerable. So you don't necessarily need a 3.xxxxx version to be safe.

Thanks, Armin
OK, but what about private 'sploits? Usually there is no public information about them, but machines are hacked for unknown reasons; what about that? Has anybody heard about a new 'sploit for apache, all versions < 1.3.22?????? There are some bugs in mod_php and via apache the attacker gets a root shell on your machine?? It's not just a story, it's reality, because I have seen these hacked servers in the last days with that 'sploit. Also, that is a private 'sploit and nobody on the apache web site or other security sites discusses it yet.

One thing is sure: nothing is not sure in fact.
Hi again!

The packages are at ftp://ftp.suse.de/pub/suse/i386/update/7.0/sec1

Just checked it myself, they are there!

Armin
Muhic Mirza wrote:

> OK, but what about private 'sploits? Usually there is no public information about them, but machines are hacked for unknown reasons; what about that? Has anybody heard about a new 'sploit for apache, all versions < 1.3.22?????? There are some bugs in mod_php and via apache the attacker gets a root shell on your machine?? It's not just a story, it's reality, because I have seen these hacked servers in the last days with that 'sploit. Also, that is a private 'sploit and nobody on the apache web site or other security sites discusses it yet.
>
> One thing is sure: nothing is not sure in fact.

that's why we have stuff like snort. i don't know of any private openssh exploit out there. (i guess neither do the developers of openssh - otherwise they would be morally obliged to tell us) there are rumours about a bind 9 exploit too - i haven't seen it either.

using the latest version doesn't protect you from unknown exploits. using SuSE Linux you know that there's a team of very well respected individuals that will resolve any known security issue - quickly.

hth

andre
On Wednesday, 6 February 2002 11:42, Muhic Mirza wrote:

> Has anybody heard about a new 'sploit for apache, all versions < 1.3.22?????? There are some bugs in mod_php and via apache the attacker gets a root shell on your machine?? It's not just a story, it's reality, because I have seen these hacked servers in the last days with that 'sploit.

Can you say a bit or two about the configuration of mod_php on these machines? Was safe_mode enabled? If not, it may be an exploit for another local vulnerability, because php allows you to execute any program on the webserver if not configured properly. Were ftp-connections logged before the break-in? I disbelieve that there is a remote root-exploit in php, but I believe that one can misconfigure php to allow local exploits.

> One thing is sure: nothing is not sure in fact.

I agree with that.

Peter
participants (6)
- andre@do
- Armin Schöch
- Chart1@gmx.de
- ic_admin
- Muhic Mirza
- Peter Wiersig