From owner-freebsd-questions  Mon May 17 11:49: 8 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from resnet.uoregon.edu (resnet.uoregon.edu [128.223.144.32])
	by hub.freebsd.org (Postfix) with ESMTP id B73E914D07
	for <freebsd-questions@FreeBSD.ORG>; Mon, 17 May 1999 11:49:04 -0700 (PDT)
	(envelope-from dwhite@resnet.uoregon.edu)
Received: from localhost (dwhite@localhost)
          by resnet.uoregon.edu (8.8.8/8.8.8) with ESMTP id LAA05617;
          Mon, 17 May 1999 11:48:58 -0700 (PDT)
          (envelope-from dwhite@resnet.uoregon.edu)
Date: Mon, 17 May 1999 11:48:58 -0700 (PDT)
From: Doug White <dwhite@resnet.uoregon.edu>
To: "Mark S. Reichman" <mark@borg.com>
Cc: Ben Pepa <bpepa@msn.bc.ca>, freebsd-questions@FreeBSD.ORG
Subject: Re: hacking attempts
In-Reply-To: <373A3B4B.82D780C4@borg.com>
Message-ID: <Pine.BSF.4.03.9905171147450.15052-100000@resnet.uoregon.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Wed, 12 May 1999, Mark S. Reichman wrote:

> sshd did have problems.  Use ssh2 in the ports.
> No, I'm not an expert on this problem or an
> ssh2 expert.  I cant even remeber where I found
> out sshd had problems at one time.  I think
> I received a "root shell" mailing about the
> vulnerability about 6 montsh ago or more.

1.2.27 was released over the weekend.  It plugged a tricky race condition.

I have yet to see these 'ssh vulnerabilities' substantiated by any hard
evidence.  I suspect some other service was explited (imap?) and ssh was
the first app to notice anything askew.

Doug White                               
Internet:  dwhite@resnet.uoregon.edu    | FreeBSD: The Power to Serve
http://gladstone.uoregon.edu/~dwhite    | www.freebsd.org



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message