Also, I would be wary and watch for updates in the immediate future. While the buffer.c fix is _an_ update, many are saying it's not remotely exploitable, which begs the question what is exploiting all the reportedly rooted machines that people are claiming to have the latest version of OpenSSH (with PrivSep) running on. Of course, it's the Internet, so any number of people can and are talking out of their a**es, so I'd wait for the dust to settle and keep an eye on this one (but update now, of course). -b
On Tuesday 16 September 2003 15:46, Matt Higgins wrote:
There is a remote root exploit for OpenSSH <3.7 (note 3.7 was released today). Check your vendor or get the latest sources or apply the patch from the link below.
The OpenSSH FTP server has been swamped this morning (well, since the /. bastards got to it ;D). I mirrored the file before it was /.'d, so if you can't find it, it's at WPI here: http://wh0rd.de/gentoo/distfiles/openssh-3.7p1.tar.gz. For you Gentoo users, the update has been on rsync mirrors for a few hours now, so just `emerge sync ; emerge -u openssh ; /etc/init.d/sshd restart` ;) -mike
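As an added example (not code from anyone on this thread), a small POSIX sh check that parses the OpenSSH release out of an `ssh -V` line or a server banner and reports whether it predates the 3.7 release the thread is about; the function names are my own, and the sample banners are constructed.

```shell
# Returns 0 when the banner names an OpenSSH release older than 3.7,
# 1 when it is 3.7 or newer, and 2 when no OpenSSH version is present.
openssh_pre_37() {
    banner="$1"
    # Pull "3.6.1" out of e.g. "OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, ...";
    # the portable "pN" suffix is dropped because it does not affect the release.
    ver=$(printf '%s\n' "$banner" | sed -n 's/.*OpenSSH_\([0-9][0-9.]*\).*/\1/p')
    [ -n "$ver" ] || return 2
    major=${ver%%.*}           # "3"
    rest=${ver#*.}             # "6.1" (or the whole string if there is no dot)
    minor=${rest%%.*}          # "6"
    [ "$major" -lt 3 ] && return 0
    [ "$major" -eq 3 ] && [ "$minor" -lt 7 ] && return 0
    return 1
}

# Checks the locally installed client/server build (ssh -V prints to stderr).
check_local_ssh() {
    command -v ssh >/dev/null 2>&1 || { echo "ssh not installed"; return 2; }
    banner=$(ssh -V 2>&1)
    if openssh_pre_37 "$banner"; then
        echo "VULNERABLE-ERA: $banner (older than 3.7, update)"
        return 0
    else
        echo "OK: $banner"
        return 1
    fi
}

# Constructed sample banners, for demonstration when run directly.
for b in "OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090703f" \
         "OpenSSH_3.7p1, SSH protocols 1.5/2.0, OpenSSL 0x0090703f" \
         "SSH-1.99-OpenSSH_2.9.9p2"; do
    if openssh_pre_37 "$b"; then echo "pre-3.7: $b"; else echo "3.7+:    $b"; fi
done
```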