[Dshield] openssh update

Johannes Ullrich jullrich at euclidian.com
Tue Sep 16 13:13:01 GMT 2003

A new version of openssh has been released this morning. This version
includes some patches to fix vulnerabilities discussed yesterday. It is
not clear if they are exploitable, but rumor has it that there is an
exploit going around in the underground.

If you use openssh and know how to build it from source, you may give it
a try. I have not heard of any updates from major Linux distributions at
this point.

If you are not upgrading right away, try to limit access to your ssh
server to trusted IP addresses. 

You should enable privilege separation. It is not clear if this will
prevent the current exploit. But it is likely to make it harder to use
any exploit.

As always, verify PGP signatures when downloading the source package. 

Please forward any observations/comments off or on list.

Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net
