On Sun, 1 Nov 1998 [EMAIL PROTECTED] wrote:
> The machine was hacked via a trusted host setup that the people at rootshell
> had going. There is no security problem with 1.2.26 that the people at
> rootshell or anywhere else is aware of. Just goes to prove that no matter how
> security concious you want to be, some moron is too lazy to type his password.
Well, the potential buffer overflows in the logging facility seem like a
"security problem" to me and rootshell and others are certainly aware of
it since they sent the alert. Even though it probably had nothing to do
with how (most likely the combination of stupidity and laziness resulting
in the trusted host setup you mention above) the site was hacked and there
is no publically available working exploit code, it is still a
vulnerability.
btw, someone (not me) has already released a patch which is at
ftp://ftp.wibble.net/pub/ssh-patched/ssh-1.2.26-vsprintf.diff
-Peter Frouman | finger [EMAIL PROTECTED] for PGP public key
Zippy says:
The PILLSBURY DOUGHBOY is CRYING for an END to BURT REYNOLDS movies!!
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
