On Tuesday 07 July 2009, Ray Van Dolson wrote: > On Tue, Jul 07, 2009 at 10:31:36PM +0200, Geoff Galitz wrote: > > > is there a security issue on CentOS 5.3 with openssh 4.3? > > > > If this is a real zero-day exploit.. then yes, there is an issue. The > > following link may be the best source of information at the moment: > > > > http://isc.sans.org/diary.html?storyid=6742 > > > > > > FWIW, I think the second comment about RHEL/Centos in the referenced post > > is a little off-base. After all, you have to know that a bug exists > > before you can fix it. > > This link[1] seems to show a RHEL 5.3 machine being exploited (could be > wrong though). The only thing indicating that this is RHEL-5.3 is, afaict, the title. The kernel version is not EL, the mysql version is not etc. Worth keeping an eye on though. /Peter -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part. URL: <http://lists.centos.org/pipermail/centos/attachments/20090708/4e83d1db/attachment-0005.sig>