The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

open SSH exploit

Discussion in 'General Discussion' started by Craig, Jun 27, 2002.

  1. Craig

    Craig Well-Known Member

    Joined:
    Aug 10, 2001
    Messages:
    171
    Likes Received:
    0
    Trophy Points:
    16
    http://www.debian.org/security/2002/dsa-134

    Are we OK from this?

    Craig
     
  2. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    not really OK at all, actually.
    However, the peeps at openssh spawned their update that was scheduled for monday a bit earlier (HORRAY)

    http://www.openssh.com

    I'm assuming Darkorb is going to latch on to this as well- but for now just an FYI that is what's available!

    ;)
     
  3. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    BTW a quick addendum:

    This is only somewhat effective on RH 7.1 and EARLIER boxes----- 7.2 and 7.3 should be safe out of the box, as I've heard from various authorities. Also, after speaking with bdraco earlier he decrees the entire RedHat genre invulnverable to this, though the openssh 3.4 rpms will be gracing the cpanel update scene starting very, very soon.

    I think RedHat is rpm-a-zizing the source as I type this, or perhaps it's released by now.

    obviously www.openssh.com has anything technical you might want to know about this...........
    :p
     
  4. zex

    zex Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    98
    Likes Received:
    0
    Trophy Points:
    6
    cPanel Access Level:
    Root Administrator
    There is no thing like totaly secured computer. I think that we all learn in last few day's that only way to secure box is to keep it updated.

    Many security &experts& are said that 32 bit unix-like servers are not affected with latest apache bug, and 24 hours after that we are witness of exploit for OpenBSD, OS that didn't have remote exploit for last 5 years in default installation.

    Also according to news on some hackers sites, same exploit for Solaris and Linux is also avaliable in underground....

    All this including latest ssh exploit leed us to only one conclusion:
    We must pay attention to security to protect our business at least from persons with &script kiddie& knowledge.

    Security is not cheep thing we all know that, but it's much cheeper than loosing confidental information or clients.
     
  5. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    We also know one more thing... Bill Gates wants our business really bad.
     
  6. avara

    avara Well-Known Member

    Joined:
    Oct 28, 2001
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    Anyone know when DarkOrb will be releaseing an official updater/patch?
     
  7. bdraco

    bdraco Guest

    http://rhn.redhat.com/errata/RHSA-2002-127.html

    This patch should go in tonight or tomorrow if you have security updates on.
     
  8. mickalo

    mickalo Well-Known Member

    Joined:
    Apr 16, 2002
    Messages:
    765
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    N.W. Iowa
    does this apply to RedHat/Linux 6.2 also ??

    thx's
     
  9. rpmws

    rpmws Well-Known Member

    Joined:
    Aug 14, 2001
    Messages:
    1,824
    Likes Received:
    5
    Trophy Points:
    38
    Location:
    back woods of NC, USA
    [quote:522abbc6ac][i:522abbc6ac]Originally posted by bdraco[/i:522abbc6ac]

    http://rhn.redhat.com/errata/RHSA-2002-127.html

    This patch should go in tonight or tomorrow if you have security updates on.[/quote:522abbc6ac]

    Hey Nick .... THANKS MAN!!!!
     
  10. shaun

    shaun Well-Known Member

    Joined:
    Nov 9, 2001
    Messages:
    698
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    San Clemente, Ca
    i messed with the apache exploit alittle bit. That link that nick gave us a while back had source with it. Supposivly it would only work on openBSD but i noticed when i ran it on a RH7.1 machine running apache 1.3.20 (stupid POS plesk server) that it caused the child apache process's to sig11. I ran this exploit in a while true loop also just to see if i could totally kill apache and wasnt able too. Of course this was only a openbsd exploit but it does show that their is a flaw in the code.

    cpanel's rpmup i beleive will automatically upgrade openssh, as long as you guys didnt disable updates on your server that is :)
     
  11. NetGeek

    NetGeek Well-Known Member

    Joined:
    Mar 4, 2002
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    How to know if I am at the safe side or not ? (i.e. how to check out the ver. #'s)

    I just enabled the automatic security update function after reading this, but how can I know it kicked off ?
     
Loading...

Share This Page