From owner-freebsd-questions Tue Oct 30 13: 9: 9 2001 Delivered-To: freebsd-questions@freebsd.org Received: from topaz.mdcc.cx (topaz.mdcc.cx [212.204.230.141]) by hub.freebsd.org (Postfix) with ESMTP id 29EA937B401 for ; Tue, 30 Oct 2001 13:09:07 -0800 (PST) Received: from k7.mavetju.org (topaz.mdcc.cx [212.204.230.141]) by topaz.mdcc.cx (Postfix) with ESMTP id 133AD2B72F; Tue, 30 Oct 2001 22:09:05 +0100 (CET) Received: by k7.mavetju.org (Postfix, from userid 1001) id EEF4C123; Wed, 31 Oct 2001 08:09:00 +1100 (EST) Date: Wed, 31 Oct 2001 08:09:00 +1100 From: Edwin Groothuis To: Kelsey Cummings Cc: freebsd-questions@freebsd.org Subject: Re: SSH exploits? Message-ID: <20011031080900.G35710@k7.mavetju.org> Mail-Followup-To: Edwin Groothuis , Kelsey Cummings , freebsd-questions@freebsd.org References: <20011030121502.N42541@sonic.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011030121502.N42541@sonic.net>; from kgc@sonic.net on Tue, Oct 30, 2001 at 12:15:02PM -0800 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Oct 30, 2001 at 12:15:02PM -0800, Kelsey Cummings wrote: > http://razor.bindview.com/publish/advisories/adv_ssh1crc.html > > Looks like there is another ssh exploit. Our experience is > showing that the script kiddies have tools for this already. Yes, besides that the date on it is Februari 2001 and that (at least 4.3, don't know about 4.2) have OpenSSH 2.3.0 already. Edwin -- Edwin Groothuis | Personal website: http://www.MavEtJu.org edwin@mavetju.org | Interested in MUDs? Visit Fatal Dimensions: ------------------+ http://www.FatalDimensions.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message