NETSYS.COM - The Intelligent Hacker's Choice - Internet, Unix, Security NewsThe 
      Intelligent Hacker's Choice.. Systems, Networks, Administration.. since 
      1977
      >>>> 


      List All News
      2003/09/16 01:20:59 utc 
      Rumours of a new openssh exploit (updated 2003-09-17) advertisements




      Rumours of a new openssh exploit are still circulating
      According to what we've been hearing there is still a persistent 
      insistence from several individuals that there is at least (1) new openssh 
      vulnerability. There has been no confirmation (or denial) from the OpenSSH 
      development team as of yet.
      More details as we get them.
      Purported problems are disclosed in [Full-Disclosure] openssh remote 
      exploit as well as [Full-Disclosure] new ssh exploit?
      2003-09-16 1355 utc
      All indications so far are pointing to the validity of an openssh problem, 
      read [Full-Disclosure] The lowdown on SSH vulnerability with a new patch 
      suddenly showing up in buffer.c
      2003-09-17 0002 utc
      The advisories of vulnerable implementations and distributions continue to 
      pour forth.
      [Full-Disclosure] [ESA-20030916-023] OpenSSH buffer management error
      [RHSA-2003: 279-01] Updated OpenSSH packages fix potential vulnerability
      FreeBSD Security Advisory FreeBSD-SA-03:12.openssh
      [SECURITY] [DSA-382-1] OpenSSH buffer management fix
      MDKSA-2003:090 - Updated openssh packages fix buffer management error
      SuSE Security Announcement: openssh (SuSE-SA:2003:038)
      Cisco Security Advisory: OpenSSH Server Vulnerabilities



Copyright © 2003 netsys.com All Rights Reserved.

      advertisements

            Full Disclosure is always the best policy. If you need to get the 
            word out fast, or stay on top of the latest threats, join the Full 
            Disclosure mailing list. No hidden agenda, incestuous relationships, 
            censorship, delays or moderation.