[CentOS] Is there an openssh security problem?
Ray Van Dolson
rayvd at bludgeon.orgTue Jul 7 20:36:33 UTC 2009
- Previous message: [CentOS] Is there an openssh security problem?
- Next message: [CentOS] Is there an openssh security problem?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, Jul 07, 2009 at 10:31:36PM +0200, Geoff Galitz wrote: > > is there a security issue on CentOS 5.3 with openssh 4.3? > > If this is a real zero-day exploit.. then yes, there is an issue. The > following link may be the best source of information at the moment: > > http://isc.sans.org/diary.html?storyid=6742 > > > FWIW, I think the second comment about RHEL/Centos in the referenced post is > a little off-base. After all, you have to know that a bug exists before you > can fix it. This link[1] seems to show a RHEL 5.3 machine being exploited (could be wrong though). Not sure which version of the openssh-server package it is however beyond the base 4.3. And a post[2] by a RH engineer to the openssh list. Ray [1] http://secer.org/hacktools/0day-openssh-remote-exploit.html [2] http://marc.info/?l=openssh-unix-dev&m=124699121213120&w=2
- Previous message: [CentOS] Is there an openssh security problem?
- Next message: [CentOS] Is there an openssh security problem?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list