The Intelligent Hacker's Choice.. Systems, Networks, Administration.. since 1977
	>>>>

List All News 2003/09/16 01:20:59 utc Rumours of a new openssh exploit (updated 2003-09-17)

advertisements

Rumours of a new openssh exploit are still circulating According to what we've been hearing there is still a persistent insistence from several individuals that there is at least (1) new openssh vulnerability. There has been no confirmation (or denial) from the OpenSSH development team as of yet. More details as we get them. Purported problems are disclosed in [Full-Disclosure] openssh remote exploit as well as [Full-Disclosure] new ssh exploit? 2003-09-16 1355 utc All indications so far are pointing to the validity of an openssh problem, read [Full-Disclosure] The lowdown on SSH vulnerability with a new patch suddenly showing up in buffer.c 2003-09-17 0002 utc The advisories of vulnerable implementations and distributions continue to pour forth. [Full-Disclosure] [ESA-20030916-023] OpenSSH buffer management error [RHSA-2003: 279-01] Updated OpenSSH packages fix potential vulnerability FreeBSD Security Advisory FreeBSD-SA-03:12.openssh [SECURITY] [DSA-382-1] OpenSSH buffer management fix MDKSA-2003:090 - Updated openssh packages fix buffer management error SuSE Security Announcement: openssh (SuSE-SA:2003:038) Cisco Security Advisory: OpenSSH Server Vulnerabilities