Re: HEAD's UP: possible 0day SSH exploit in the wild

To: debian-security@lists.debian.org
Subject: Re: HEAD's UP: possible 0day SSH exploit in the wild
From: Justus <justus@abi007.info>
Date: Tue, 07 Jul 2009 22:36:31 +0200
Message-id: <[🔎] 4A53B1CF.509@abi007.info>
In-reply-to: <[🔎] 4A53AD2B.4080500@techsupport.lt>
References: <[🔎] 4A53AD2B.4080500@techsupport.lt>

Is there Information on what Versions are affected by this exploit?
I read something of Version 3.2 and 4.3 in one of the blog entrys
(http://secer.org/hacktools/0day-openssh-remote-exploit.html), maybe
someone else could clarify this?
Would you recommend stopping ssh completely and switching to remote control?
Regards,
Justus

Reply to:

Follow-Ups:
- Re: HEAD's UP: possible 0day SSH exploit in the wild
  - From: Leandro Minatel <leandrominatel@gmail.com>
- Re: HEAD's UP: possible 0day SSH exploit in the wild
  - From: Peter Jordan <usernetwork@gmx.info>

References:
- Re: HEAD's UP: possible 0day SSH exploit in the wild
  - From: "Ramunas / techsupport.lt" <ramunas@techsupport.lt>

Prev by Date: Re: HEAD's UP: possible 0day SSH exploit in the wild
Next by Date: Re: HEAD's UP: possible 0day SSH exploit in the wild
Previous by thread: Re: HEAD's UP: possible 0day SSH exploit in the wild
Next by thread: Re: HEAD's UP: possible 0day SSH exploit in the wild
Index(es):
- Date
- Thread