Does anyone (Roman) know about this new SSH bug?

http://online.securityfocus.com/archive/82/258238

Is 3.0.2p1 vulnerable?

-----=====-----=====-----=====-----=====-----
Ben Rosenberg
mailto:ben@whack.org
-----=====-----=====-----=====-----=====-----
"I've never been quarantined. But the more I look around
the more I think it might not be a bad thing." -JC

> Does anyone (Roman) know about this new SSH bug?
>
> http://online.securityfocus.com/archive/82/258238
>
> Is 3.0.2p1 vulnerable?

There is no information about it yet. It's most worrisome, though.

We're at it - it strikes us quite hard these days.

Thanks,
Roman.
--
 -                                                                      -
| Roman Drahtmüller      <draht@suse.de> //   "You don't need eyes to see, |
  SuSE GmbH - Security           Phone: //             you need vision!"
| Nürnberg, Germany     +49-911-740530 //           Maxi Jazz, Faithless |
 -                                                                      -

Yes, and a colleague of mine just made a root exploit discovery in OpenSSH that affects 3.0.1p1 and below. Once I know more or he decides to announce it... I'll let you know. He's in a testing phase.

Cheers!

* Roman Drahtmueller (draht@suse.de) [020227 17:30]:
->>
->> Does anyone (Roman) know about this new SSH bug?
->>
->> http://online.securityfocus.com/archive/82/258238
->>
->> Is 3.0.2p1 vulnerable?
->
->There is no information about it yet. It's most worrisome, though.
->
->We're at it - it strikes us quite hard these days.

-----=====-----=====-----=====-----=====-----
Ben Rosenberg
mailto:ben@whack.org
-----=====-----=====-----=====-----=====-----
"I've never been quarantined. But the more I look around
the more I think it might not be a bad thing." -JC

> Yes, and a colleague of mine just made a root exploit discovery in OpenSSH that affects 3.0.1p1 and below. Once I know more or he decides to announce it... I'll let you know. He's in a testing phase.
>
> Cheers!

Are you sure that openssh is affected? Right now, it looks like only the commercial ssh versions are targeted - they have similar version numbers.

But still no more news. :-/

Roman.
--
 -                                                                      -
| Roman Drahtmüller      <draht@suse.de> //   "You don't need eyes to see, |
  SuSE GmbH - Security           Phone: //             you need vision!"
| Nürnberg, Germany     +49-911-740530 //           Maxi Jazz, Faithless |
 -                                                                      -

Yuppa, Roman Drahtmueller wrote:
> > Yes, and a colleague of mine just made a root exploit discovery in OpenSSH that affects 3.0.1p1 and below. Once I know more or he decides to announce it... I'll let you know. He's in a testing phase.
> >
> > Cheers!
>
> Are you sure that openssh is affected? Right now, it looks like only the commercial ssh versions are targeted - they have similar version numbers.
>
> But still no more news. :-/

If I got that correctly, ssh.com, in a roundabout way, already addressed the problem on their web site:

http://www.ssh.com/products/ssh/advisories/ssh1_2002-02-25.cfm

This is an "advisory" (well, sort of...) from 02/25, which points out that the recent sec holes only affect ssh1. Apparently, the publication is targeted towards a TV news broadcast of Finnish TV, which said that there had been attacks/break-ins against, quote, "tens of thousands of computers all around the world" with vulnerable ssh1 installations. Unfortunately, they don't go into detail.

I have not checked the security status of the current OpenSSH versions. Currently, I'm about to track down the "sshex" tool/app which has been mentioned in the securityfocus posting. Since our company very heavily relies on ssh, this issue is very important for us. I will re-post in this thread as soon as I have more info.

Ben, thanks for bringing that to our attention.

> Roman.

Boris Lorenz <bolo@lupa.de> ---