[Chrootssh-users] OpenSSH Vulnerability And Update
Brought to you by:
punkball
Menu
▾
▴
[Chrootssh-users] OpenSSH Vulnerability And Update
|
From: Russell H. <har...@cu...> - 2003-09-16 17:19:50
|
Hello. I have updated the OpenSSH-Chroot packages for the new version, 3.7p1 of OpenSSH-portable. The tarball would not be delivered by the mailing list, so I have put it up at: http://www.cunap.com/~hardingr/openssh-3.7p1-chroot.tar.gz Please see that these packages end up on the sourceforge repository asap. Thanks much, -Russell Harding ---------- Forwarded message ---------- Date: Tue, 16 Sep 2003 09:45:06 -0600 From: Alan V. <Al...@bi...> To: SANITIZED Subject: OpenSSH Vulnerability http://isc.sans.org/diary.html?date=2003-09-16 "A vulnerability has been discovered in OpenSSH. This vulnerability appears to have been exploited to compromise machines at a few ISPs. We highly recommend upgrading to the version 3.7p1 which was released earlier today. This bug may not be exploitable on some platforms (e.g. OpenBSD) but could be exploitable on others (e.g. Linux). Currently, there is no widely available exploit. However, there are some rumors about intrusions using this vulnerability to compromise systems." "I don't have time to be impatient." Alan R. V. <snip> |
