Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 17 May 1999 11:48:58 -0700 (PDT)
From:      Doug White <dwhite@resnet.uoregon.edu>
To:        "Mark S. Reichman" <mark@borg.com>
Cc:        Ben Pepa <bpepa@msn.bc.ca>, freebsd-questions@FreeBSD.ORG
Subject:   Re: hacking attempts
Message-ID:  <Pine.BSF.4.03.9905171147450.15052-100000@resnet.uoregon.edu>
In-Reply-To: <373A3B4B.82D780C4@borg.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 12 May 1999, Mark S. Reichman wrote:

> sshd did have problems.  Use ssh2 in the ports.
> No, I'm not an expert on this problem or an
> ssh2 expert.  I cant even remeber where I found
> out sshd had problems at one time.  I think
> I received a "root shell" mailing about the
> vulnerability about 6 montsh ago or more.

1.2.27 was released over the weekend.  It plugged a tricky race condition.

I have yet to see these 'ssh vulnerabilities' substantiated by any hard
evidence.  I suspect some other service was explited (imap?) and ssh was
the first app to notice anything askew.

Doug White                               
Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.03.9905171147450.15052-100000>