From owner-freebsd-security Mon Nov 5 23:39:47 2001 Delivered-To: freebsd-security@freebsd.org Received: from gilberto.physik.rwth-aachen.de (gilberto.physik.RWTH-Aachen.DE [137.226.46.168]) by hub.freebsd.org (Postfix) with ESMTP id BB33F37B416 for ; Mon, 5 Nov 2001 23:39:42 -0800 (PST) Received: (from kuku@localhost) by gilberto.physik.rwth-aachen.de (8.11.1/8.9.3) id fA67dZG07698; Tue, 6 Nov 2001 08:39:35 +0100 (CET) (envelope-from kuku) Date: Tue, 6 Nov 2001 08:39:34 +0100 From: Christoph Kukulies To: Daniel Hagan Cc: Christoph Kukulies , freebsd-security@FreeBSD.ORG Subject: Re: sshd - corrupted check bytes on input Message-ID: <20011106083934.B7604@gil.physik.rwth-aachen.de> References: <200111050721.fA57Lko76929@gilberto.physik.rwth-aachen.de> <3BE786E6.1DB9227C@colltech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <3BE786E6.1DB9227C@colltech.com>; from dhagan@colltech.com on Tue, Nov 06, 2001 at 01:44:54AM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Nov 06, 2001 at 01:44:54AM -0500, Daniel Hagan wrote: > You are probably being attacked. See > http://www.cert.org/incident_notes/IN-2001-12.html for information on > this vulnerability. > > Daniel > > Christoph Kukulies wrote: > > > > I found a syslog of Nov 2, 00:30 saying: > > > > sshd: Local: Corrupted check bytes on input. Although it doesn't have exactly the pattern. No host that disconnected. I logged into the machine at that time from home via ISDN at that time. Well, time anyway to switch to openssh. -- Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message