On 09/24/2014 08:33 PM, Ryan Simpkins wrote: > On Wed, September 24, 2014 19:32, Jeremy Pace wrote: >> I was a little surprised to not see some posts regarding this vulnerability: > > We were all too busy patching systems. All patched now. Thank you SaltStack > for making my system orchestration problems a distant memory! Responding to > security events like this with Salt makes for a much nicer day.
Dumb question, but since I've been living under a rock these last few weeks and have only had chance to see the headlines, is this vulnerability remotely exploitable with, say ssh? I've run a few tests and I'm unable to get the exploit to work remotely unless I get the login to succeed. Obviously I'm missing something. Can someone help me out here? Also I discovered my aging Centos 5 server is not vulnerable. :) /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
