Re: bash vulnerability jessie

To: The Wanderer <wanderer@fastmail.fm>
Cc: Debian User List <debian-user@lists.debian.org>
Subject: Re: bash vulnerability jessie
From: Ross Boylan <rossboylan@stanfordalumni.org>
Date: Fri, 26 Sep 2014 11:30:45 -0700
Message-id: <[🔎] CAK3NTRAJ=8dJ5b0h_mKE_AuHgEFf3CgXtOB2B=NpVpLrBf-5Qw@mail.gmail.com>
In-reply-to: <[🔎] 54259088.6010805@fastmail.fm>
References: <[🔎] 87sije2x62.fsf@reader.local.lan> <[🔎] 54259088.6010805@fastmail.fm>

On Fri, Sep 26, 2014 at 9:12 AM, The Wanderer <wanderer@fastmail.fm> wrote:
....
>
> But almost every Debian install includes at least a SSH server, and if
> you haven't gone out of your way to arrange otherwise, it can probably
> be reached from the outside Internet by someone who knows the correct IP
> address.

Is ssh vulnerable if the outsider can't login?

Ross Boylan
>
> (Exactly which outside-accessible services do and don't expose the
> vulnerability isn't very clear at the moment AFAIK, so it's better to
> err on the safe side and assume they all do until evidence one way or
> the other can be found.)
>
> - --
>    The Wanderer
>

Reply to:

References:
- bash vulnerability jessie
  - From: Harry Putnam <reader@newsguy.com>
- Re: bash vulnerability jessie
  - From: The Wanderer <wanderer@fastmail.fm>

Prev by Date: Re: preseed from CD different to network booting
Next by Date: Re: preseed from CD different to network booting
Previous by thread: Re: bash vulnerability jessie
Next by thread: Re: bash vulnerability jessie
Index(es):
- Date
- Thread