[ISN] Red Hat hack prompts critical OpenSSH update

From: InfoSec News <alerts_at_private>
Date: Tue, 26 Aug 2008 04:31:36 -0500 (CDT)

By John Leyden
The Register
22nd August 2008

Red Hat has warned that hackers were able to commandeer its systems and 
tamper with code - but said that since its content distribution was not 
hit, it is confident that polluted code has not served up to users.

The first hint that something was wrong came last week when Fedora 
rebuilt its systems, a reconstruction that was accompanied by extended 
outages. Red Hat sponsors the Linux distribution. Fortunately Fedora 
packages weren't interfered with following the attack, but Red Hat 
Enterprise Linux packages were touched up by as yet unidentified 

"Last week Red Hat detected an intrusion on certain of its computer 
systems and took immediate action," Red Hat said in a critical security 
advisory [1] issued on Friday. "While the investigation into the 
intrusion is ongoing, our initial focus was to review and test the 
distribution channel we use with our customers."

While checks on its content distribution networks came back clean, it 
did turn up some problems.

"An intruder was able to sign a small number of OpenSSH packages 
relating only to Red Hat Enterprise Linux 4 (i386 and x86_64 
architectures only) and Red Hat Enterprise Linux 5 (x86_64 architecture 

[1] https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html


Register now for HITBSecConf2008 - Malaysia! With 
a new triple-track conference featuring 4 keynote 
speakers and over 35 international experts, this 
is the largest network security event in Asia and 
the Middle East! 
Received on Tue Aug 26 2008 - 02:31:36 PDT

This archive was generated by hypermail 2.2.0 : Tue Aug 26 2008 - 02:34:29 PDT