Possible SSH Exploit.

Dump_Weed · 07-08-2009, 12:14 PM

Theres rumors running around the net about a hole in ssh.

This rumored hole allows a attacker to break into your system.

Full Deatils are here.

http://secer.org/hacktools/0day-open...e-exploit.html

Might be worth checking your on the latest SSH version.

Keep in mind this is only rumors.

cheers
Dump

MS3FGX · 07-08-2009, 12:18 PM

So this is the rumor? Because somebody made a blog post with a supposed log of their commands?

Dump_Weed · 07-08-2009, 02:40 PM

I will say it is a rumor as there have been no offical reports of this use of this script etc.

Any one can blog that they have hacked system x and put together convincing log files etc.

However it is always a good idea to make sure you are on the latest version of your distrobutions software etc.

If i find out that there is a real issue i will update this thread.

cheers

slackass · 07-08-2009, 03:01 PM

Well, all day on the news they've been talking about gov web sites being shut down from some sort of denial of service attacks from North Korea.
http://news.yahoo.com/s/ap/20090708/...a_cyber_attack

unSpawn · 07-08-2009, 03:19 PM

See http://isc.sans.org/diary.html?storyid=6742 and next time please post any security news, rumours in http://www.linuxquestions.org/questi...ux-security-4/, this isn't slack-specific (or so you hope ;-p)

Dump_Weed · 07-08-2009, 03:41 PM

Ops @ wrong section of forum.