-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Han Boetes wrote: | Always fun in the #openbsd channel. Always some people who want to make | it seems like the end of the world and the next worldwar.
Ehm, there are reports that it lead to root compromise already, so I would execute extreme caution about this one. Considering that SSH is on almost every Unix system, this may be a major issue.
| | The text is very clear though: | | | All versions of OpenSSH's sshd prior to 3.7 contain a buffer | management error. It is uncertain whether this error is | potentially exploitable, however, we prefer to see bugs | fixed proactively.
This just means, that they do not know about the exploit yet :-( Not that your machine cannot be compromised.
Jan
- --
Jan Ciger VRlab EPFL Switzerland GPG public key : http://www.keyserver.net/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/Z29cn11XseNj94gRAt/CAKCn2DhSyayTgPoVPiHayTjRIAGctQCeLw6w 6H6IISlStciLV9kiSCnlMkY= =dhQW -----END PGP SIGNATURE-----
