Uh, I need to correct myself on this. 2.0.x can be exploited if it falls back to v1 implementation vuln. for an old bug. And 2.9.2 exploit is only a rumor. But they will have to be based on something.

Cheers,
joep

-----Original Message-----
From: jon schatz [mailto:jonat_private]
Sent: Wednesday, 12 December 2001 1:58
To: Gommers, Joep
CC: Incidents List
Subject: RE: Voluminous SSHd scanning; possible worm activity?

On Tue, 2001-12-11 at 05:12, Gommers, Joep wrote:
> Also SSH versions 2.0.x and 2.9.2 have not yet published exploit around.

wait, are you sure about this? is this a known issue (i.e., UseLogin and sftp), or is this based on something new? there have been rumors on many lists (vuln-dev, focus-linux, etc.) of such an exploit, which is quite scary. do you have a reliable source on this?

-jon

--
jonat_private || www.divisionbyzero.com
gpg key: www.divisionbyzero.com/pubkey.asc
think i have a virus?: www.divisionbyzero.com/pgp.html
"You are in a twisty little maze of Sendmail rules, all confusing."

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com

This archive was generated by hypermail 2b30 : Wed Dec 12 2001 - 10:26:36 PST