HEAD's UP: possible 0day SSH exploit in the wild
As usual, you may want to either raise shields (i.e. disable/restrict access
to the ssh service), or pay extra attention to what is happening on your SSH
inbound gateways...
http://lwn.net/Articles/340360/
http://isc.sans.org/diary.html?storyid=6742
http://secer.org/hacktools/0day-openssh-remote-exploit.html
Yes, it could be a hoax, and I sure hope that's all it is...
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
Reply to: