This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

sshd exploit

The current sshd daemon is remotely exploitable and allows an attacker to gain full root access of the target. Astaro needs to upgrade to openssh, openssh-clients, and openssh-server (sshd) 3.4 to fix this problem. I have just fixed several openbsd and linux boxes and can verify successful install of current build. www.openssh.com has the errata and the fixes.
so if your using the sshd daemon make sure to fix it.

Good luck……….

This thread was automatically locked due to age.

Parents

0 Markus Hennig over 23 years ago

Hi EaSyToKeR,

yes we will update the SSHD on ASL - but currently we are not remotely exploitable.
So we can wait for the first feedback on 3.4p1 before generating a Up2Date package.
Cancel
Vote Up 0 Vote Down

Cancel
0 EaSyToKeR over 23 years ago in reply to Markus Hennig

I guess thats why i can do a int. overflow on the current sshd for astaro current.

there were several bugs found after the initial.

its in the errata.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 EaSyToKeR over 23 years ago in reply to Markus Hennig

I guess thats why i can do a int. overflow on the current sshd for astaro current.

there were several bugs found after the initial.

its in the errata.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data