[H-GEN] What can I use instead of SSHD?

Tony Nugent tony at linuxworks.com.au
Thu Jun 27 02:48:53 EDT 2002


[ Humbug *General* list - semi-serious discussions about Humbug and     ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]

On Thu Jun 27 2002 at 16:00, Dan Roe wrote:

> Seems to me like SSH is becoming more insecure than FTP/HTTP/Telnet
> Today CERT tells me everything but OpenSSH 3.4 is remotely exploitable
> So I suggest you all update your ssh server
> I'm wondering what else I could use instead of SSHD

Some distributions have OpenSSH compiled and/or configured by
default in a way that the bug is not exposed and exploitable.  I am
aware that this is the case at least for Red Hat (which is why they
appear to be "slow" to release an update for it, no need).  Debian
have released two urgent notices concerning it for both potato and
woody (with only interim fixes so far).  I am not aware of the
status of other distros; the absence of public notifications
probably indicates that they are not affected (but that may change).

Apparently the exploit has now "got out into the wild", so remote
rootkit tools are likely to be using it very soon (along with a long
list of other known exploits in specific versions of network daemons
such as apache, wu-ftpd, lpd and named).

> On another note a friend has discovered a vuln in IE
> Any link that contains 6000 and something chars with some asm code
> Will magically execute with drastic consequences
> M$ has been told and have a month before the script kiddies get it

Nothing new... this sort of thing is happening all the time :-)
(Really.  If you browse http://www.iss.net/ or
http://www.auscert.org.au/ you can go through all the Microsoft
security notices.  You can also subscribe to the ISS mailing lists
to get regular updates).

> Switch from IE to Mozilla (It has more features!)

:)

(WayWayOffTopic comment... netscrape62x on w98se does not seem to be
nearly as stable as ie6x or ie5x).

> Dan Roe

Cheers
Tony

--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'.  See http://www.humbug.org.au/


