Computer Security - SSH root exploit in the wild - Patches available.

Old 09-16-2003, 05:09 PM   #1
Default SSH root exploit in the wild - Patches available.




--
Get your Geek Goodies!
http://shop.security-forums.com

..: http://www.security-forums.com :.

Share your knowledge
It's a way to achieve
Immortality.




Lord Shaolin

Old 09-16-2003, 05:11 PM   #2
Lord Shaolin
Default Re: SSH root exploit in the wild - Patches available.
Lord Shaolin <abuse@127.0.0.1> randomly produced:

Aww **** I went and hit send again by mistake.

Anyway..

Full info here: http://www.security-forums.com/forum...pic.php?t=8380

CVS Diff patch:
http://www.freebsd.org/cgi/cvsweb.cg...r2=1.1.1.7&f=h

Mitigation from Full Disclosure:
http://lists.netsys.com/pipermail/fu...er/010116.html

Patch for OpenBSD:
ftp://ftp.openbsd.org/pub/OpenBSD/Op...sd3x_3.7.patch

Slashdot thread:
http://slashdot.org/articles/03/09/1...id=126&tid=172

Fix for the SSH in woody (stable) is available now from security.debian.org
which should be in your sources.list

apt-get update && apt-get upgrade

SID fix at http://incoming.debian.org/

Good luck!

ST

Old 09-17-2003, 03:59 AM   #3
jayjwa
Default Re: SSH root exploit in the wild - Patches available.
Lord Shaolin wrote:
> Lord Shaolin <abuse@127.0.0.1> randomly produced:
>
> Aww **** I went and hit send again by mistake.
>
> Anyway..
>
> Full info here: http://www.security-forums.com/forum...pic.php?t=8380
>
> CVS Diff patch:
> http://www.freebsd.org/cgi/cvsweb.cg...r2=1.1.1.7&f=h
>
> Mitigation from Full Disclosure:
> http://lists.netsys.com/pipermail/fu...er/010116.html
>
> Patch for OpenBSD:
> ftp://ftp.openbsd.org/pub/OpenBSD/Op...sd3x_3.7.patch
>
> Slashdot thread:
> http://slashdot.org/articles/03/09/1...id=126&tid=172
>
> Fix for the SSH in woody (stable) is available now from security.debian.org
> which should be in your sources.list
>
> apt-get update && apt-get upgrade
>
> SID fix at http://incoming.debian.org/
>
> Good luck!
>
> ST
>


.....just got the Slackware Upgrade, it's a good thing I read this today.
People can't stop monkeying around with my FTP server, I'd hate to see
if those same people knew about this (although anyone who attempts to
bruteforce an anon server ain't too bright to begin with). Just try to
get on ANY of the upgrade sites! I had a nice long wait, it seems
everyone is thinking the same thing: patch it quick, buffer-troubles are
all the rage this year. When I finally was able to get on, I was #95 out
of a #96 slot machine, so that gives you an idea right there. Anyway, I
got the Slackware 9.0 upgrade and all is well.

--
-------------------------nonoffensive sig.v1.0RC1----------------------
>> jayjwa >> Reg.Linux user #207147


PGPKey: http://atr2.ath.cx/jayjwa.asc
Maildrop:jayjwa AT hotmail.com -- 4 Spammers:
mailto:



Old 09-17-2003, 01:28 PM   #4
Lyle H. Gray
Default Re: SSH root exploit in the wild - Patches available.
jayjwa <> wrote in
news::

> ....just got the Slackware Upgrade, it's a good thing I read this
> today. People can't stop monkeying around with my FTP server, I'd
> hate to see if those same people knew about this (although anyone who
> attempts to bruteforce an anon server ain't too bright to begin with).
> Just try to get on ANY of the upgrade sites! I had a nice long wait,
> it seems everyone is thinking the same thing: patch it quick,
> buffer-troubles are all the rage this year. When I finally was able to
> get on, I was #95 out of a #96 slot machine, so that gives you an idea
> right there. Anyway, I got the Slackware 9.0 upgrade and all is well.


I just picked up the Redhat upgrade, after trying for 4 hours to get on the
network (I have a demo account, so a lower priority).



Old 09-17-2003, 11:12 PM   #5
Dan Ferris
Default Re: SSH root exploit in the wild - Patches available.
Where is the link to the exploit code?

Lord Shaolin wrote:



Old 09-19-2003, 04:23 AM   #6
joe
Default Re: SSH root exploit in the wild - Patches available.
Anyone got a copy of the sploit?

Giantkiller447

Dan Ferris wrote:

> Where is the link to the exploit code?
>
> Lord Shaolin wrote:



