[juneau-lug] ssh exploit
- From: Myron Davis <myrond@xxxxxxxxxxx>
- To: juneau-lug@xxxxxxxxxxxxx
- Date: Tue, 16 Sep 2003 20:23:21 -0700
Just in case nobody has caught it there is a live ssh exploit which
affects anything under openssh 3.7.
for convenience some info on what patches:
debian: ssh_3.6.1p2-6.0_i386.deb or later
or ssh 1:3.4p1-1.1
openbsd: 3.7 or later (openssh-3.7p1.tar.gz)
redhat: up2date -u
-OR-
openssh-3.7p1-1.rpm
gentoo:
Just go to your net-misc/openssh directory:
* cp openssh-3.6.1_p2.ebuild openssh-3.7_p1.ebuild
* emerge --update openssh
The emerge will fetch the file and complain that there is no digest.
* ebuild openssh-3.7_p1.ebuild digest
* emerge --update openssh
most other distros: 3.7p1
also an easy way to check the version that is running:
telnet host 22 :)
-Myron
-- Attached file included as plaintext by Ecartis --
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE/Z9OpnfM/KCuG6/IRAizIAJ0Y5FvrGDkJ+JQ4l+3YSUkkjJz0UwCfTIhp
194uVW8j51g+wg7s9Zy6OoM=
=wlNK
-----END PGP SIGNATURE-----
------------------------------------
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the
word unsubscribe in the subject header.
Other related posts:
