From owner-freebsd-security Wed Nov 28 21: 1:20 2001 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 1C12B37B417 for ; Wed, 28 Nov 2001 21:01:17 -0800 (PST) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id WAA29130; Wed, 28 Nov 2001 22:00:58 -0700 (MST) Message-Id: <4.3.2.7.2.20011128220001.0465ccc0@localhost> X-Sender: brett@localhost X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 28 Nov 2001 22:00:54 -0700 To: "00" , "Chris Byrnes" , From: Brett Glass Subject: Re: sshd exploit? In-Reply-To: <007201c17887$c7ac4b00$0100000a@001> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 08:41 PM 11/28/2001, 00 wrote: >Yes, your friend is right, I'm not sure of the specifics, but I have a copy >of the exploit and it has only been released in binary form. OpenBSD's >OpenSSH team or no other SSH development group has yet to make a formal >statement, most likely due to the fact they don't know what the vunerability >is as of yet so they don't want to spark a fire. The vunerability is a >great threat because it is remote and root compromisable. The exploit scans >a listing of addresses, and when it find a host it just drops to a >rootshell. On which versions of SSH or OpenSSH has this been tested? We may need to shut down a series of hosts if this is for real and not just an ugly rumor. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message