openssh 2.9p2 release 8.7 security alert!!!
Wojtek Pilorz
wpilorz at bdk.pl
Thu Nov 29 19:11:51 EST 2001
On Thu, 29 Nov 2001, Damien Miller wrote:
> Date: Thu, 29 Nov 2001 18:59:11 +1100 (EST)
> From: Damien Miller <djm at mindrot.org>
> To: Pin Lu <pin at stredo.com>
> Cc: openssh-unix-dev at mindrot.org
> Subject: Re: openssh 2.9p2 release 8.7 security alert!!!
>
> On Thu, 29 Nov 2001, Pin Lu wrote:
>
> > Hi, everyone:
> >
> > My system was compromised a few days ago.
> > The cracker attacked the system through openssh 2.9p2 release 8.7.
> > I attached part of the log file.
>
> What is release 8.7? What operating system?
I guess this was RedHat Linux 7.0 or 7.1;
ftp://updates.redhat.com contains
7.0/en/os/SRPMS/openssh-2.9p2-8.7.src.rpm
and
7.1/en/os/SRPMS/openssh-2.9p2-8.7.src.rpm
(which are identical)
and resulting binary packages (also identical for 7.0 and 7.1, at least
for x86)
>
> -d
Best regards,
Wojtek
More information about the openssh-unix-dev
mailing list