Re: HEAD's UP: possible 0day SSH exploit in the wild

To: debian-security@lists.debian.org
Subject: Re: HEAD's UP: possible 0day SSH exploit in the wild
From: Jeroen van Drongelen <jeroen@naturewebdesign.eu>
Date: Tue, 7 Jul 2009 23:04:03 +0200
Message-id: <[🔎] a701f7720907071404q5608d28eu242a8b69cd5b53cb@mail.gmail.com>
In-reply-to: <[🔎] 4A53AD2B.4080500@techsupport.lt>
References: <[🔎] 4A53AD2B.4080500@techsupport.lt>

As i have read on this page : http://secer.org/hacktools/0day-openssh-remote-exploit.html

it say's that the attack is againt OpenSSH version 4.3.

So the best thing that you can do is update OpenSSH to a newer version.

But again it are still rumors and i don't know if a version higher then 4.3 is also attackable by the exploit

2009/7/7 Ramunas / techsupport.lt <ramunas@techsupport.lt>

Hi all,

This is a serious security threat if it is not some sort of a duck (as we call it in our country). I have firewalled some servers already.

Do you think tcpwrapping ssh service is enough, or should i use iptables instead?

Thanks in advance,
Regards

--
Ramūnas Čereškevičius

Tel.: +370 600 48 371
El.p.: ramunas@techsupport.lt

* UNIX/Linux serveriai
* Kompiuterių tinklai
* Internetinių svetainių kūrimas
* Konsultacijos

www.techsupport.lt

--
To UNSUBSCRIBE, email to debian-security-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: HEAD's UP: possible 0day SSH exploit in the wild
  - From: "Ramunas / techsupport.lt" <ramunas@techsupport.lt>

Prev by Date: Re: HEAD's UP: possible 0day SSH exploit in the wild
Next by Date: Re: HEAD's UP: possible 0day SSH exploit in the wild
Previous by thread: Re: HEAD's UP: possible 0day SSH exploit in the wild
Next by thread: bastille in lenny
Index(es):
- Date
- Thread