Fw: E-Secure-IT Alert!

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

[ Data: precedente | successivo | indice ] [ Argomento: precedente | successivo | indice ]

Archivio: Novembre 2001 ml@sikurezza.org
Soggetto: Fw: E-Secure-IT Alert!
Mittente: Raistlin
Data: 30 Nov 2001 09:37:13 -0000

Vi consiglio questo bel servizio:
http://www.e-secure-it.co.nz/

E vi inoltro un messaggio arrivatomi oggi sul tema di quello gia' circolato
in ML:

> Title: RED ALERT UNCONFIRMED - SSH ONLY - There seems to be a new exploit
released "in the wild", enabling hackers to break in through SSH (Secure
Shell) connections
> URL:
http://www.e-secure-it.co.nz/dscgi/ds.py/Get/File-6163/Re_sshd_exploit.txt
> Location: * RED ALERT - UNCONFIRMED  - EMAIL NOTIFICATION *
> Location URL: http://www.e-secure-it.co.nz/dscgi/ds.py/View/Collection-245
>
> Description:
> Yes, your friend is right, I'm not sure of the specifics, but I have a
copy
> of the exploit and it has only been released in binary form.  OpenBSD's
> OpenSSH team or no other SSH development group has yet to make a formal
> statement, most likely due to the fact they don't know what the
vunerability
> is as of yet so they don't want to spark a fire.  The vunerability is a
> great threat because it is remote and root compromisable.  The exploit
scans
> a listing of addresses, and when it find a host it just drops to a
> rootshell.



________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List

Data:
- precedente: Re: SysAdmin, responsabilit` e rischi, Pr01n
- successivo: Re: OpenBSD 3.0 out (?), Marco Ivaldi
- indice

Argomento:
- precedente: Re: SysAdmin, responsabilit` e rischi, Pr01n
- successivo: R: Analizzatore di log, davi . mario
- indice

[ Home | Liste | F.A.Q. | Risorse | Cerca... ]

www.sikurezza.org - Italian Security Mailing List
(c) 1999-2005