IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / News Picks Forum / SECURITY: Remote expoit in SSH 3.0
Post #2,560
by admin
Picture of admin
7/21/01 4:28:34 PM
Reply
New SECURITY: Remote expoit in SSH 3.0
[link|http://www.securityfocus.com/frames/?content=/templates/archive.pike%3Flist%3D1%26start%3D2001-07-15%26threads%3D0%26mid%3D198404%26fromthread%3D0%26end%3D2001-07-21%26|Remote Exploit]

Any password can be used to ssh into accounts without passwords (listed as NP on Solaris or !! under Linux sometimes).

Get ssh 3.0.1 at [link|http://www.ssh.com|ssh.com].
Regards,

-scott anderson
Post #2,570
by boxley
7/21/01 8:44:04 PM
7/21/01 8:44:45 PM
Reply
New wow I hope this is widely diseminated
this could affect lots of systems. Remember dont rely on just one tool, use tcp wrappers, radius as well as turn off unneeded services and check logs daily.
thanx,
bill
can I have my ones and zeros back?
Expand Edited by boxley July 21, 2001, 08:44:45 PM EDT
Expand All History
Post #2,572
by a6l6e6x
Picture of a6l6e6x
7/21/01 9:09:37 PM
Reply
New Thanks! I've passed the link to local LUG.
Alex
This is my sig. There's another almost like it, but this one is mine.
Post #2,601
by static
Picture of static
7/22/01 8:59:40 PM
Reply
New I don't think it applies to OpenSSH.
My first thought when I saw the URL was "hang on - that's not OpenSSH's domain".

OpenSSH's latest version is 2.9, so this bug isn't for [link|http://www.openssh.org/|OpenSSH].

Wade.

"All around me are nothing but fakes
Come with me on the biggest fake of all!"
     SECURITY: Remote expoit in SSH 3.0 - (admin) - (3) - July 21, 2001, 04:28:34 PM EDT
         wow I hope this is widely diseminated - (boxley) - July 21, 2001, 08:44:45 PM EDT
         Thanks! I've passed the link to local LUG. -NT - (a6l6e6x) - July 21, 2001, 09:09:37 PM EDT
         I don't think it applies to OpenSSH. - (static) - July 22, 2001, 08:59:40 PM EDT

Well, from then on, we had a whale of a time. I took her to dinner, I took her to dance. I bought her a bouquet of flounders. And then I went home with her. And what did I get for my trouble? A case of the clams.
202 ms