LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Security page

Recent Features

Relicensing and rebasing LibreOffice

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

OpenSSH update

[Posted July 8, 2009 by corbet]

OpenSSH update
[Security] Posted Jul 8, 2009 15:05 UTC (Wed) by corbet

OpenSSH maintainer Damien Miller has responded to the rumors of an active OpenSSH exploit in the wild. "I don't have any non-public information. I have exchanged some emails with one of the victims of the alleged sshd 0day, but he was not able to provide any evidence that the attack was sshd-related. In particular, I spent some time analysing a packet trace that he provided, but it seems to consist of simple brute-force attacks. So, I'm not pursuaded that an 0day exists at all. The only evidence so far are some anonymous rumours and unverifiable intrusion transcripts." This doesn't mean that nothing is going on, of course, but there is reason to hope that this is a false alarm.

Full Story (comments: none)

Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds