[Dshield] openssh update

Johannes Ullrich jullrich at euclidian.com
Tue Sep 16 14:50:20 GMT 2003

The vulnerability only effects OpenSSH, no other ssh version AFAIK.

I started a writeup with links to the preliminary advisory at

On Tue, 2003-09-16 at 10:27, David J. Bianco wrote:
> Do you have a pointer to more details on this vulnerability?  I searched
> my dshield folder, and didn't find any discussion.  Also, I didn't
> find it on Google or on the OpenSSH.org web site.  How severe is this
> problem?
> 	Thanks,
> 	  David
> Johannes Ullrich wrote:
> > a new version of openssh has been released this morning. This version
> > includes some patches to fix vulnerabilities discussed yesterday. It is
> > not clear if they are exploitable, but rumor has it that there is an
> > exploit going around in the underground.
> > 
> > If you use openssh and know how to build it from source, you may give it
> > a try. I have not heard of any updates from major Linux distributions at
> > this point.
> > 
> > If you are not upgrading right away, try to limit access to your ssh
> > server to trusted IP addresses. 
> > 
> > You should enable privilege separation. It is not clear if this will
> > prevent the current exploit. But it is likely to make it harder to use
> > any exploit.
> > 
> > As always, verify PGP signatures when downloading the source package. 
> > 
> > 
> > Please forward any observations/comments off or on list.
> > 
Johannes Ullrich                     jullrich at euclidian.com
pgp key: http://johannes.homepc.org/PGPKEYS
   "We regret to inform you that we do not enable any of the 
    security functions within the routers that we install."
         support at covad.net

More information about the list mailing list