[CentOS] Is there an openssh security problem?

Thu Jul 9 11:06:33 UTC 2009
Michael Simpson <mikie.simpson at gmail.com>

On 08/07/2009, Flaherty, Patrick <pflaherty at wsi.com> wrote:
> > is there a security issue on CentOS 5.3 with openssh 4.3? I
> > ask that cause of
> > http://www.h-online.com/security/Rumours-of-critical-vulnerabi
> > lity-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
> > and http://secer.org/hacktools/0day-openssh-remote-exploit.html.
> >

this from sans

http://isc.sans.org/diary.html?storyid=6760

another good reason for using pki rather than password auth
so no magic 0day just another brute force tool

mike