Re: HEAD's UP: possible 0day SSH exploit in the wild

To: debian-security@lists.debian.org
Subject: Re: HEAD's UP: possible 0day SSH exploit in the wild
From: Peter Jordan <usernetwork@gmx.info>
Date: Thu, 09 Jul 2009 08:06:45 +0200
Message-id: <[🔎] h341dl$clf$1@ger.gmane.org>
In-reply-to: <[🔎] 4A53B1CF.509@abi007.info>
References: <[🔎] 4A53AD2B.4080500@techsupport.lt> <[🔎] 4A53B1CF.509@abi007.info>

Justus, Tue Jul 07 2009 22:36:31 GMT+0200 (CEST):
> Is there Information on what Versions are affected by this exploit?
> I read something of Version 3.2 and 4.3 in one of the blog entrys
> (http://secer.org/hacktools/0day-openssh-remote-exploit.html), maybe
> someone else could clarify this?
> Would you recommend stopping ssh completely and switching to remote control?
> Regards,
> Justus
> 
> 

I recompiled openssh lenny version for etch without problems. Are there
any reasons against installing this version in etch?

PJ

Reply to:

References:
- Re: HEAD's UP: possible 0day SSH exploit in the wild
  - From: "Ramunas / techsupport.lt" <ramunas@techsupport.lt>
- Re: HEAD's UP: possible 0day SSH exploit in the wild
  - From: Justus <justus@abi007.info>

Prev by Date: Re: HEAD's UP: possible 0day SSH exploit in the wild
Next by Date: Re: bastille in lenny
Previous by thread: Re: Cleanup portsentry's iptables rules
Next by thread: Re: HEAD's UP: possible 0day SSH exploit in the wild
Index(es):
- Date
- Thread