Possible new openssh vulnerability

Spencer Collyer spencer at lasermount.uklinux.net
Tue Sep 16 15:55:15 PDT 2003


On Tue, 16 Sep 2003 18:32:42 +0100 (BST), Ken Moffat wrote:
>  openssh-3.7p1 is out, and wadda you know, /. has rumours of an exploit
> to previous versions in the wild.  A quick look at the changelog doesn't
> show anything obvious.  According to lwn, there are rumours of exploits,
> but no known exploit.  The /. link on the exploit is of course suffering
> from being /.'ed.
> 
>  Summary: unclear if the problem is real, or affects other than open
> BSD.
> 
> Ken

CERT Advisory on this is available at
http://www.cert.org/advisories/CA-2003-24.html

S>

-- 
<<< Eagles may soar, but weasels don't get sucked into jet engines >>>
10:53pm up 84 days, 4:14, 9 users, load average: 0.13, 0.53, 0.58
Registered Linux User #232457



More information about the lfs-security mailing list