OpenSSH vulnerability (was Re: [PLUG] (forw) smtp attack from 208.187.215.242)

Sandy Herring sandy at herring.org
Tue Jun 25 23:36:01 UTC 2002


Unrelated to my smtp question - but good info. Thanks for the heads-up
Anthony. Both SuSE ( http://online.securityfocus.com/advisories/4231 ) and
Mandrake ( http://online.securityfocus.com/advisories/4228 ) have issued
advisories (so far, I expect more vendors will follow).

Sandy

On Tue, 25 Jun 2002, Anthony Schlemmer wrote: 
> I'm starting to see some port 22 probes. Maybe in connection with the 
> OpenSSH vulnerability that's been mentioned lately? 
> 
> It seems like a pretty big deal as I received an email from SuSE's 
> Security mailing list and they ranked it a severity 9 out of 10 so it's 
> quite severe. They were recommending disabling SSH or block external 
> access to SSH until details of the vulnerability were published.
> 
> On Monday 24 June 2002 21:37 pm, Sandy Herring wrote:
> > I had gotten used to seeing virtually nothing but probes to port 1433
> > - until today. Anyone else getting hammered with smtp probes?
> >
> > Sandy
> 
> -- 
> Anthony Schlemmer
> aschlemm at attbi.com
> 
> 
> 
> _______________________________________________
> PLUG mailing list
> PLUG at lists.pdxlinux.org
> http://lists.pdxlinux.org/mailman/listinfo/plug

-- 
Sandy Herring, RHCE                        o              sandy at herring.org
Peck of Pickled Pisces               __  o               http://herring.org/
UNIX or Web authoring questions?  |\/ o\  o  http://herring.org/finger.html
=>http://herring.org/techie.html  |/\__/     http://herring.org/pub-key.asc
*sh, Perl, C, VBA, PICK Assembler, Data/Basic, PROC & profanity spoken here.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
URL: <http://lists.pdxlinux.org/pipermail/plug/attachments/20020625/efb43353/attachment.asc>


More information about the PLUG mailing list