Re: ssh vulnerability in the wild

To: debian-security@lists.debian.org
Subject: Re: ssh vulnerability in the wild
From: Andreas Barth <aba@not.so.argh.org>
Date: Tue, 16 Sep 2003 17:34:01 +0200
Message-id: <[🔎] 20030916153401.GD8710@mails.so.argh.org>
Mail-followup-to: Andreas Barth <aba@not.so.argh.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.40.0309161559330.3755-100000@jehova.dsm.dk>
References: <[🔎] 20030916143038.GG27127@hoffentlich.net> <[🔎] Pine.LNX.4.40.0309161559330.3755-100000@jehova.dsm.dk>

* Thomas Horsten (thomas@horsten.com) [030916 17:32]:
> Is there an emergency patch/workaround for this, if disabling ssh is not
> an option? Are systems with Privilege Separation affected?

Filtering access to allow only trusted machines. But please remember:
Each allowed machine could exploit your machine.


Cheers,
Andi
-- 
   http://home.arcor.de/andreas-barth/
   PGP 1024/89FB5CE5  DC F1 85 6D A6 45 9C 0F  3B BE F1 D0 C5 D1 D9 0C

Reply to:

Follow-Ups:
- Re: ssh vulnerability in the wild
  - From: Ted Roby <secalert@tedroby.com>

References:
- Re: ssh vulnerability in the wild
  - From: Alexander Neumann <alexander@bumpern.de>
- Re: ssh vulnerability in the wild
  - From: Thomas Horsten <thomas@horsten.com>

Prev by Date: Re: ssh vulnerability in the wild
Next by Date: Re: ssh vulnerability in the wild
Previous by thread: Re: ssh vulnerability in the wild
Next by thread: Re: ssh vulnerability in the wild
Index(es):
- Date
- Thread