From owner-freebsd-security Fri Nov 30 0:49: 8 2001
Delivered-To: freebsd-security@freebsd.org
Received: from greg.cex.ca (h24-207-26-100.dlt.dccnet.com [24.207.26.100]) by hub.freebsd.org (Postfix) with SMTP id B7DBD37B405 for ; Fri, 30 Nov 2001 00:49:00 -0800 (PST)
Received: (qmail 9129 invoked by uid 1001); 30 Nov 2001 08:49:10 -0000
Date: Fri, 30 Nov 2001 00:49:10 -0800
From: Greg White
To: freebsd-security@freebsd.org
Subject: Re: sshd exploit
Message-ID: <20011130004910.A9082@greg.cex.ca>
Mail-Followup-To: freebsd-security@freebsd.org
References: <20011129012235.U6446-100000@achilles.silby.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: ; from bsd-sec@boneyard.lawrence.ks.us on Fri, Nov 30, 2001 at 01:30:57AM -0600
Sender: owner-freebsd-security@FreeBSD.ORG

On Fri Nov 11/30/01, 2001 at 01:30:57AM -0600, bsd-sec@boneyard.lawrence.ks.us wrote:
> On Thu, 29 Nov 2001, Mike Silbersack wrote:
>
> >
> > The CRC bug was fixed in 2.3.0, which was merged into -stable before the
> > release of freebsd 4.3. If 3.0.1's giving you any enhanced immunity, it's
> > to a bug which has not yet been announced.
> >
> > If there _is_ a new bug, and it follows the description in the url posted
> > earlier in the thread, it's probably also SSHv1 related, and can be
> [...]
>
> Perhaps so. However, at the university department where I work, RH Linux lab
> machines running both 2.5.x and 2.9.x versions of OpenSSH were indeed
> compromised while running ssh version 1. The only other services with
> externally available ports were portmap and syslogd.

Am I the only one who sees portmap and syslogd as more likely to exploit than
ssh? I mean, come on, look at the security histories, here...

--
Greg White