[Dshield] openssh update

David J. Bianco bianco at jlab.org
Tue Sep 16 14:27:40 GMT 2003


Do you have a pointer to more details on this vulnerability?  I searched
my dshield folder, and didn't find any discussion.  Also, I didn't
find it on Google or on the OpenSSH.org web site.  How severe is this
problem?

	Thanks,
	  David

Johannes Ullrich wrote:
> a new version of openssh has been released this morning. This version
> includes some patches to fix vulnerabilities discussed yesterday. It is
> not clear if they are exploitable, but rumor has it that there is an
> exploit going around in the underground.
> 
> If you use openssh and know how to build it from source, you may give it
> a try. I have not heard of any updates from major Linux distributions at
> this point.
> 
> If you are not upgrading right away, try to limit access to your ssh
> server to trusted IP addresses. 
> 
> You should enable privilege separation. It is not clear if this will
> prevent the current exploit. But it is likely to make it harder to use
> any exploit.
> 
> As always, verify PGP signatures when downloading the source package. 
> 
> 
> Please forward any observations/comments off or on list.
> 

-- 
David J. Bianco, GSEC GCUX		<bianco at jlab.org>
Thomas Jefferson National Accelerator Facility
GPG Fingerprint:  516A B80D AAB3 1617 A340  227A 723B BFBE B395 33BA

      The views expressed herein are solely those of the author and
	    not those of SURA/Jefferson Lab or the US DOE.





More information about the list mailing list