Date: Fri, 8 Mar 2002 09:37:47 -0500 From: Niels Provos <provos@citi.umich.edu> To: krzysztof Strzelczyk <cs052279@yahoo.com> Cc: freebsd-security@freebsd.org Subject: Re: suspicious ssh logs Message-ID: <20020308143746.GY10142@citi.citi.umich.edu> In-Reply-To: <20020308040130.88177.qmail@web14803.mail.yahoo.com> References: <20020308040130.88177.qmail@web14803.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Mar 07, 2002 at 08:01:30PM -0800, krzysztof Strzelczyk wrote: > Mar 7 17:58:10 server sshd[8783]: fatal: Local: > Corrupted check bytes on input. > Mar 7 17:58:21 server sshd[8786]: fatal: Local: > Corrupted check bytes on input. > Mar 7 17:58:36 server sshd[8791]: fatal: Local: > Corrupted check bytes on input. > Mar 7 17:58:51 server sshd[8798]: fatal: Local: > Corrupted check bytes on input. The logs indicates that somebody is trying to exploit the crc32 deattach problem that has been fixed in OpenSSH in November 2000, IIRC. Niels. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020308143746.GY10142>