[AG-TECH] AG/OpenSSH vulnerability

Randy Groves randy.groves at boeing.com
Mon Jan 7 18:29:42 CST 2002


Any concern about the OpenSSL 0.9.5a on the same distribution?  OpenSSL has 
been 0.9.6b for some time, and I just noticed that this is now 0.9.6c.

-randy

At 05:47 PM 1/7/2002 -0600, Robert Olson wrote:
>There was an incident at an AG site over the break where an AG linux 
>machine was broken into. The intruder apparently used the CRC32 attack 
>compensator buffer overflow exploit in the version of the OpenSSH server 
>that was shipped with the AG toolkit.
>
>There are several things you can do to protect yourself from similar attacks.
>
>First, you can disable incoming ssh entirely:
>
>         /sbin/service sshd stop
>         /sbin/chkconfig sshd off
>
>Normal operation of the AG node does not require incoming ssh to be 
>running on the linux boxes.
>
>There are patched versions of the ssh server available; however, I don't 
>have pointers to them offhand (and I want to get this message out). ssh's 
>home is at openssh.org, and there are links there to both source packages 
>and Linux RPMs. I am looking into building RH6.2-compatible RPMs for the 
>latest ssh; stay tuned.
>
>thanks,
>--bob
>
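Both messages come down to the same administrative question: is the version installed on the box older than the one that carries the fix? OpenSSL's old version strings (0.9.5a, 0.9.6b, 0.9.6c) mix a numeric triple with a letter suffix, so a naive string comparison gets them wrong. The script below is an added example, not part of the original thread: it builds a sortable key from such a version string, compares two versions, and checks a line in the shape `openssl version` prints against a minimum. The sample "OpenSSL 0.9.5a 1 Apr 2000" line is constructed; the 0.9.6c minimum is the current release mentioned in Randy's message.

```shell
#!/bin/sh
# Added example, not code from the ag-tech thread: compare OpenSSL-style
# version strings (numeric fields plus optional letter suffix) and flag
# an installed version that is older than a required minimum.

# Turn "0.9.5a" into "000.009.005.a": each numeric field is zero-padded
# to three digits so that plain lexical (C locale) sorting equals
# numeric sorting, and the optional letter suffix sorts after a bare
# version (0.9.6 < 0.9.6a < 0.9.6b).
version_key() {
    num=${1%%[a-z]*}        # strip trailing letter suffix, if any
    letter=${1#"$num"}      # the suffix that was stripped ("" if none)
    key=""
    for f in $(printf '%s' "$num" | tr '.' ' '); do
        key="$key$(printf '%03d' "$f")."
    done
    printf '%s%s\n' "$key" "$letter"
}

# Exit 0 (true) when version $1 is strictly older than version $2.
version_lt() {
    ka=$(version_key "$1")
    kb=$(version_key "$2")
    [ "$ka" != "$kb" ] || return 1
    first=$(printf '%s\n%s\n' "$ka" "$kb" | LC_ALL=C sort | head -n 1)
    [ "$first" = "$ka" ]
}

# $1: a line in the shape `openssl version` prints, e.g.
#     "OpenSSL 0.9.5a 1 Apr 2000" (constructed sample)
# $2: minimum acceptable version, e.g. 0.9.6c
# Prints "OK <ver>" and exits 0, or "OUTDATED <ver> (minimum <min>)"
# and exits 1.
openssl_status() {
    installed=$(printf '%s\n' "$1" | awk '{print $2}')
    if version_lt "$installed" "$2"; then
        printf 'OUTDATED %s (minimum %s)\n' "$installed" "$2"
        return 1
    fi
    printf 'OK %s\n' "$installed"
}
```

On a live host the check would be `openssl_status "$(openssl version)" 0.9.6c`; the non-zero exit status makes it usable from a cron job or a node-audit script, and the same `version_lt` helper applies to any dotted version with an optional single-letter patch suffix.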