
This is a discussion on Alleged 0day in OpenSSH in the Open Discussion & Chit-chat forum

  1. #1
    Not A Senior Member homoludens's Avatar
    Join Date
    Sep 2005
    Location
    H-Town
    Posts
    582

    Alleged 0day in OpenSSH

    Without wishing to fan the flames of rumour and hearsay, I was wondering whether Jag were considering locking down SSH access, as some other hosts are, in response to the alleged 0day in OpenSSH? If so, will we get any warning?

    Before anyone panics, no one is sure whether this is anything more than a hoax, but at the very least HostGator claim to be patching something.

  2. #2
    the Windlord Gwaihir's Avatar
    Join Date
    Jun 2002
    Posts
    2,562
    It also says it doesn't affect the latest version, so for JagPC it's just a matter of making sure all servers run that. (Which, in particular for OpenSSH, I hope is standard practice anyway.)
    Regards,

    Wim Heemskerk
    ---
    Visit MeCCG.net - Cardgaming in J.R.R. Tolkien's Middle-earth
    And Gwaihir.net - The Middle-earth CCG store

  3. #3
    Not A Senior Member homoludens's Avatar
    Join Date
    Sep 2005
    Location
    H-Town
    Posts
    582
    Depends on what you mean by latest version. RHEL and therefore CentOS backport bug fixes.

    Quote Originally Posted by n3kton
    Actually, 4.3 *is* the latest RHEL/CentOS SSH version. openssh-server-4.3p2-29.el5 has been backported by RH engineers to supposedly patch all of the bugs that have since been disclosed up until the latest OpenSSH versions released by the OpenBSD project people. For enterprise stability purposes (which is why Gov and large businesses buy Red Hat) the versions and features are kept approximately the same as the original RHEL distribution release, but bugs are cleaned up. So if this vulnerability is valid, then possibilities include: 1. All OpenSSH versions are vulnerable 2. Unknown vulnerability was unwittingly patched as part of a version feature upgrade with newer-than-4.3 OpenSSH versions 3. Red Hat engineers failed to properly fix bugs with their backporting efforts.
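
Added example, not part of the thread: because RHEL/CentOS keep the upstream version string (4.3p2) fixed while backporting fixes, patch state is checked against the package changelog rather than the version number. The function name, the sample changelog and the placeholder advisory IDs below are constructed for illustration; `rpm -q --changelog` is the real query it would be fed from.

```shell
#!/bin/sh
# backport_status ADVISORY_ID
# Reads an RPM changelog on stdin and prints the header of every changelog
# entry that mentions ADVISORY_ID. Returns 0 if at least one entry matches,
# 1 if the ID never appears (fix not recorded in this build's changelog).
backport_status() {
    awk -v id="$1" '
        /^\* / { header = $0; next }      # entry header line starts with "* "
        index($0, id) && header != last {  # body line naming the advisory
            print header
            last = header
            found = 1
        }
        END { exit !found }
    '
}

# Constructed sample changelog (placeholder advisory IDs, not real CVEs).
# Note the upstream version stays 4.3p2 while the release number advances.
sample_changelog() {
cat <<'EOF'
* Mon Jan 05 2009 Example Packager <pkg@example.invalid> - 4.3p2-29
- fix CVE-0000-0002 (backported from upstream)

* Tue Jun 03 2008 Example Packager <pkg@example.invalid> - 4.3p2-26
- fix CVE-0000-0001
- documentation update
EOF
}

# Demo on the constructed data: prints the 4.3p2-29 entry header.
sample_changelog | backport_status CVE-0000-0002

# On a real RHEL/CentOS host the input would come from the package itself:
#   rpm -q --changelog openssh-server | backport_status <advisory id>
```

A non-zero return only means the installed build's changelog does not mention the ID; it says nothing about whether the flaw applies to that build.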

  4. #4
    Not A Senior Member homoludens's Avatar
    Join Date
    Sep 2005
    Location
    H-Town
    Posts
    582
    Just FUD then.

    Why on Earth did hosts start disabling SSH?

  5. #5
    Ron
    Loyal Client
    Join Date
    Aug 2002
    Posts
    7,304
    Thanks for spreading it.
    Good luck

  6. #6
    Ron
    Loyal Client
    Join Date
    Aug 2002
    Posts
    7,304
    Actually, I really did enjoy reading up on it. Made me realize just how little I care about things like antisec.
    Good luck

  7. #7
    Not A Senior Member homoludens's Avatar
    Join Date
    Sep 2005
    Location
    H-Town
    Posts
    582
    Quote Originally Posted by Ron
    Thanks for spreading it.
    Yeah, fools rush in, or something like that. Sorry.

    The main reason I gave it any credence was Host X taking SSH offline, claiming they had all sorts of secret intel. I won't be moving my business there any time soon.

    Quote Originally Posted by Ron
    Made me realize just how little I care about things like antisec.
    Agreed.

  8. #8
    Loyal Client the_ancient's Avatar
    Join Date
    Feb 2004
    Posts
    3,386
    Quote Originally Posted by homoludens
    Yeah, fools rush in, or something like that. Sorry.

    The main reason I gave it any credence was Host X taking SSH offline, claiming they had all sorts of secret intel. I won't be moving my business there any time soon.

    Agreed.
    Unless Host X is in the JPC Family, why are you doing business with them at all....

    Traitor
    -------------------------
    the_ancient
    MP Technology Group

  9. #9
    Not A Senior Member homoludens's Avatar
    Join Date
    Sep 2005
    Location
    H-Town
    Posts
    582
    Quote Originally Posted by TA
    Traitor
    Coming from a member of His Majesty's Most Pernicious and Treacherous Rebel Colonies ...
