|
|
Subscribe / Log in / New account

What's "older"?

What's "older"?

Posted Jul 7, 2009 19:03 UTC (Tue) by Thue (guest, #14277)
In reply to: What's "older"? by madscientist
Parent article: RUMOR: OpenSSH exploit

At http://secer.org/hacktools/0day-openssh-remote-exploit.html the attack is against OpenSSH 4.3, FWIW.

to post comments

What's "older"?

Posted Jul 7, 2009 22:38 UTC (Tue) by charlieb (guest, #23340) [Link]

If the transcript is undoctored, the target system is not vanilla RHEL5:

2.6.24.5-grsec-hostnoc-4.0.0-x86_64-libata
Apache/2.2.11

What's "older"?

Posted Jul 8, 2009 12:52 UTC (Wed) by kpower (guest, #37136) [Link] (1 responses)

How much of that transcript is doctored?

How much of that is real?

How much is the result of social engineering?

How much is the result of harvesting passwords?

I think it's fake

Posted Jul 8, 2009 14:30 UTC (Wed) by dskoll (subscriber, #1630) [Link]

I think someone compromised the machine through some other method like brute-forcing the password, and then doctored the transcript.

Nevertheless, I've played it safe and firewalled off SSH on all my Internet-facing machines except from friendly IPs. I guess we'll see in the next few days...


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds