l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social Gathering 		Next Installfest:
TBA 		Latest News:
Nov. 18: Officers elected 		Page last updated:
2003 Sep 16 11:35
Events
 Meetings
 Installfests
 Demos
 Photos
Services
 Library
 LERT
 Jobs
 Documents
Interact
 Mailing Lists
 - Search
 - Archives
 Chat (IRC)
 Social Networks
About Us
 Members
 Projects
 Testimonials
 Call for Speakers
 Why Not MS?
 Finances
 Sponsors

^Home
?Search
?News & RSS
?Calendar
@Contact Us
$Buy Stuff
=Printable


The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

 Report this post as spam:

(Enter your email address)
[vox] The OpenSSH "exploit" is still being discussed...
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] The OpenSSH "exploit" is still being discussed...

Just an FYI, there has been discussion on /. (slashdot) about a "new
openssh exploit in the wild"

Some people have posted statements about a worm.

Though a new version of openssh (3.7.1p1) is out, and I think Debian
(stable) , and RedHat both now have new packages out to provide fix for
the buffer allocation issue that some think are being exploited, there is
dissention among people about this patched code actually being the hole
that is alegedly being exploited.

So there is a hole, and it is exploitable or it isn't.
And there is either a worm exploiting this hole or there isn't.

Either way, you may wish to consider upgrading as a form of insurance, but
consider that if there is a hole being exploited, it is possible that this
fix is not the fix for the exploit in the wild (assuming it exists.)

Clear as mud?
Heh

-ME

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
LinkedIn
LUGOD Group on LinkedIn 		facebook
LUGOD Group on Facebook

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
1105 Kennedy Place, Suite 1, Davis, CA 95616
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

 Sponsored in part by:
VA Software
Who donated a computer, books and much more!