Critical: ssh-nonfree IS exploited
Hello,
just a small information, I have at least 2 confirmed reports about Hacked
Debian Boxes. All of them are hacked by exploiting the old nonfree-ssh and
installing a rootkit. Fortunatelly the rootkit is easy to detect, since it
is linked against libc5.
Sice there is no security alert and since it is onliy fixed in 1.2.27-6.2 or
-7 we should warn our users explicitely. Especially sice it is not contained
within potato.
Note: the reason why those production servers are still using non-free ssh
is, because a) OpenSSH isnt more secure (had a remote exploit before) and b)
upgrade is harder than expected. So we need to make nonfree more recent.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Reply to: