If you are using ssh with smartcard support, be sure to use the ssh-daemon in the 3.0.0 or higher release.
>Most of you probably know about the CRC integer buffer overflow root
>exploit in sshd. Since many of us use open-ssh as our daemon, if we
>have the latest version 3.0 we are safe from this exploit.
>Surprisingly, even some of the latest Linux distributions, Suse,
>Redhat do not have the latest version of the ssh software. Mac OS X
>users are still using open ssh 2.9 and should be upgraded
>immediately also, the latest versions of openssh contain darwin
>detection.
>
>This vulnerability is real, many have been hacked on it and action
>must be taken to protect your machine.
>
>Some of the hacking tools used to find this exploit scan IP
>addresses and ports for port 22. Should you need a temporary fix,
>you might try running sshd on port 21 or another non-ssh port to
>keep the majority of the scanners from detecting your system.
>
>I think one note to learn from this is that the openssh was probably
>close to the first to detect this problem almost a year ago. Way to
>go open source.
>
>For more information visit the CERT page http://www.cert.org
>
>Dave

***************************************************************
Unix Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/
To unsubscribe send an email to [EMAIL PROTECTED] with
unsubscribe sclinux
***************************************************************
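
One way to check your own hosts against the "3.0 or higher" advice in this thread, as an added example that is not part of the original messages: it parses sshd identification banners you have already collected from machines you administer and flags OpenSSH releases older than 3.0. The function names, hostnames and sample banners are constructed for illustration.

```python
import re

# Threshold taken from the thread: OpenSSH 3.0 or later is described as safe.
MIN_SAFE = (3, 0)

# SSH identification string: SSH-<protoversion>-<softwareversion>[ <comments>]
BANNER_RE = re.compile(r"^SSH-(\d+\.\d+)-(\S+)(?: (.*))?$")
OPENSSH_RE = re.compile(r"^OpenSSH[_-](\d+)\.(\d+)(?:\.(\d+))?")


def classify_banner(banner):
    """Return (status, detail) for one sshd identification line."""
    m = BANNER_RE.match(banner.strip())
    if not m:
        return ("unparsed", "not an SSH identification string")
    proto, software = m.group(1), m.group(2)
    v = OPENSSH_RE.match(software)
    if not v:
        # Other implementations need their own vendor advisory; do not guess.
        return ("unknown", f"non-OpenSSH server: {software}")
    version = (int(v.group(1)), int(v.group(2)))
    label = f"OpenSSH {version[0]}.{version[1]}"
    if version < MIN_SAFE:
        return ("upgrade", f"{label} is older than 3.0 (protocol {proto})")
    return ("ok", f"{label} (protocol {proto})")


def audit(inventory):
    """inventory: iterable of (host, banner). Returns hosts needing an upgrade."""
    return [host for host, banner in inventory
            if classify_banner(banner)[0] == "upgrade"]


# Constructed sample inventory (hostnames and banners are made up).
SAMPLE = [
    ("osx-lab.example", "SSH-1.99-OpenSSH_2.9p2"),
    ("build.example", "SSH-2.0-OpenSSH_3.0.2p1"),
    ("old.example", "SSH-1.5-OpenSSH_2.3.0"),
    ("appliance.example", "SSH-2.0-ExampleSSHD_1.0"),
    ("moved.example", "220 ftp ready"),
]

if __name__ == "__main__":
    for host, banner in SAMPLE:
        status, detail = classify_banner(banner)
        print(f"{host:20} {status:8} {detail}")
```

A banner only reports the upstream version string; distribution packages can carry backported fixes under an older number, so confirm an "upgrade" result against the vendor's advisory for that package.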
