Recent breakins / SSHD root hole?

Pekka Savola pekkas at
Tue Jun 5 05:37:15 EST 2001

On Mon, 4 Jun 2001, nuuB wrote:
> which fixes two other (much less serious) problems. It also happens to fix the
> above CRC attack, but it isn't mentioned in redhats bulletin (and I doubt they
> knew about it). I don't upgrade things unless there is a problem that affects
> me (wise from previous updates where new problems of course snuck in with the
> upgrade). The two minor things mentioned didn't affect me, so I didn't upgrade.
> So here I am, 2 Jun, with a root hole that was announced on Feb 8. Almost 4
> months with an open root hole. Gives me a real warm'n'fuzzy.... NOT. The only
> thing making me feel better is that the exploitation is quite a far from ./hack
> with the public exploit.

AFAIR, exploitation of the bug is in practise only possible with very good
knowledge and access to the system etc. -- practically you would have to
have an account in the box and still it wouldn't be child's play.

Not something you can turn to "script-kiddie" type attack anyhow.

Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords

More information about the openssh-unix-dev mailing list