[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenSSH - remote exploit - any reported cases?

To: Kurt Seifried <openbsd@seifried.org>
Subject: Re: OpenSSH - remote exploit - any reported cases?
From: Diyan Christian <sauron@lug.stikom.edu>
Date: Thu, 11 Jul 2002 21:26:29 -0400
Cc: OpenBSD Misc <misc@openbsd.org>
Content-Disposition: inline
Mail-Followup-To: Kurt Seifried <openbsd@seifried.org>,OpenBSD Misc <misc@openbsd.org>
References: <20020701204610.8437.qmail@anonix.net> <20020701231306.V27243@skywalker.bsws.de> <20020711111724.GA11247@esme.xs4all.nl> <20020711132453.F15049@skywalker.bsws.de> <001b01c228d2$95f108c0$1400020a@chaser>

On some email I received,
> Message-ID: <001b01c228d2$95f108c0$1400020a@chaser>
> Reply-To: "Kurt Seifried" <openbsd@seifried.org>
> From: "Kurt Seifried" <openbsd@seifried.org>
> To: <misc@openbsd.org>
> Subject: OpenSSH - remote exploit - any reported cases?
> Date: Thu, 11 Jul 2002 06:00:44 -0600
> 
> Just that. Are there any reported cases of remote compromise of a system due
> to the challenge response bug (any system, openbsd or otherwise)? Or even
> good suspicious cases?
> 
> In other words did anyone actually actively exploit the first remote hole in
> the default install in 6 years?

nope, but several of my hosts had an increasing scans for ssh port from the 
internet recently, does anybody have snort signature on this?


regards,
Diyan Christian

--
@ IN SOA lug.stikom.edu. oblek.lug.stikom.edu.

"My programs doesn't contains bugs,
they just develops random features"

Follow-Ups:
- Re: OpenSSH - remote exploit - any reported cases?
  - From: Andreas Östling <andreaso@it.su.se>

References:
- Re: ssh protocol version 1 and 2 allowed?
  - From: "Daniel Malament" <danielm@bluetiger.net>
- Re: ssh protocol version 1 and 2 allowed?
  - From: Henning Brauer <lists-openbsd@bsws.de>
- Recompile openssl - how? (Re: ssh protocol version 1 and 2 allowed?)
  - From: "T. Ribbrock" <emgaron@gmx.net>
- Re: Recompile openssl - how? (Re: ssh protocol version 1 and 2 allowed?)
  - From: Henning Brauer <lists-openbsd@bsws.de>
- OpenSSH - remote exploit - any reported cases?
  - From: "Kurt Seifried" <openbsd@seifried.org>

Prev by Date: Re: http://www.cert.org/advisories/CA-2002-19.html and Bind 9 replacement
Next by Date: Re: NetBios Thru NAT
Prev by thread: OpenSSH - remote exploit - any reported cases?
Next by thread: Re: OpenSSH - remote exploit - any reported cases?
Index(es):
- Date
- Thread