Date: Wed, 28 Nov 2001 22:41:44 -0500 From: "00" <x2s500y@sekurity.net> To: "Chris Byrnes" <chris@JEAH.net>, <security@freebsd.org> Subject: Re: sshd exploit? Message-ID: <007201c17887$c7ac4b00$0100000a@001>
next in thread | raw e-mail | index | archive | help
Yes, your friend is right, I'm not sure of the specifics, but I have a copy of the exploit and it has only been released in binary form. OpenBSD's OpenSSH team or no other SSH development group has yet to make a formal statement, most likely due to the fact they don't know what the vunerability is as of yet so they don't want to spark a fire. The vunerability is a great threat because it is remote and root compromisable. The exploit scans a listing of addresses, and when it find a host it just drops to a rootshell. -----Original Message----- From: Chris Byrnes <chris@JEAH.net> To: security@freebsd.org <security@freebsd.org> Date: Wednesday, November 28, 2001 4:23 PM Subject: sshd exploit? >A colleague sent me a very vague e-mail, telling me that I should 'disable >SSHD now' because of a 'private exploit being circulated since Saturday'. > >Anyone know anything about this? > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007201c17887$c7ac4b00$0100000a>