[CLUE-Tech] SSH EXPLOIT
Evan Widger
PsychoI3oy at linkline.com
Tue Sep 16 09:31:14 MDT 2003
just saw it on /. thought i'd pass it on as i know many of you are
sysadmins and the like.
http://slashdot.org/article.pl?sid=03/09/16/1327248&mode=nested&tid=126&tid=172
the mailing list linked to there got /. ed by the time i tried to click
the second link...
from what i did read though it affects the current version of openSSH
and the symptoms are a ton of incomming connections that eventually gain
root access. suggested remidies for the meantime include limiting the
hosts that can login via ssh and changing to another ssh server daemon
i'm sure someone else that gets through can give a better description
but i figured this is definitely important.
-Evan Widger
More information about the clue-tech
mailing list