SSH vulnerability -- patch now!
Sep. 16th, 2003 12:17 pm
As reality_fox just found out the hard way, there's a new SSH exploit in the wild. It affects Debian, Gentoo, RedHat and OpenBSD systems (or anything using OpenSSH prior to v3.7). You should close your SSH ports immediately and then go get and apply the SSH patches going online now. I'm doing that at my office in the background while submitting this LJ entry.
Slashdot has more info on the specific bits. Here's a quick cut-paste for redhat users:
1.- Download the file openssh-3.7p1-1.src.rpm from any of the mirrors. For example:
ftp://ftp.easynet.be/openssh/portable/rpm/SRPMS/openssh-3.7p1-1.src.rpm
2.- Build an .rpm for your RedHat Linux version:
# rpm --rebuild openssh-3.7p1-1.src.rpm
3.- Upgrade your OpenSSH packages:
# rpm -Fvh /usr/src/redhat/RPMS/i386/openssh-*.rpm
4.- Re-start your sshd daemon:
service sshd restart
This is a serious security hole. Many machines are being owned. Good luck on getting through to RedHat to get the 3.7 upgrade... just keep trying!
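A check to run once step 4 is done, added here as an example (it is not part of the original post or the Slashdot instructions): it compares the version an sshd reports against the 3.7 threshold given above. The function names, hostnames and banner strings are all made up for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): flag OpenSSH version strings
# older than 3.7, the threshold the post gives.

# Print "prior-to-3.7", "3.7-or-later" or "not-openssh" for one SSH banner
# or `ssh -V` style string.
classify_banner() {
    # Pull "major minor" out of "...OpenSSH_<major>.<minor>..."
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    if [ -z "$ver" ]; then
        echo "not-openssh"
        return 0
    fi
    major=${ver% *}
    minor=${ver#* }
    if [ "$major" -lt 3 ] || { [ "$major" -eq 3 ] && [ "$minor" -lt 7 ]; }; then
        echo "prior-to-3.7"
    else
        echo "3.7-or-later"
    fi
}

# Read "host banner" lines on stdin; print the hosts still reporting < 3.7.
list_unpatched() {
    while read -r host banner; do
        if [ "$(classify_banner "$banner")" = "prior-to-3.7" ]; then
            echo "$host"
        fi
    done
}

# Constructed inventory of your own servers (hostnames and banners made up).
sample_inventory() {
    cat <<'EOF'
web1.example.net SSH-1.99-OpenSSH_3.6.1p2
db1.example.net SSH-2.0-OpenSSH_3.7p1
old.example.net SSH-1.99-OpenSSH_2.9p2
fw.example.net SSH-2.0-OtherServer_1.0
EOF
}

# Prints web1.example.net and old.example.net
sample_inventory | list_unpatched
```

On a box you have just upgraded, classify_banner "$(ssh -V 2>&1)" checks the local client binary the same way. A vendor package with a backported fix can keep an older version string, so treat "prior-to-3.7" as a reason to look at the package changelog rather than as proof.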
no subject
Date: 2003-09-16 12:56 pm (UTC)
no subject
Date: 2003-09-16 01:15 pm (UTC)
2) Shouldn't affect Win2K unless you're running a version of the OpenSSH server on your Win2K box.
3) Shouldn't affect your website since Tugrik and Revar are on top of it.
4) You shouldn't have to do anything.
no subject
Date: 2003-09-16 01:18 pm (UTC)
The war at work goes well. We firewalled everything (a few SSH ports were opened through a few firewalls here and there) and are patching like mad. All done now, I think.