OpenSSH Local Root Hole
maelstrom writes: "Looks like someone's found a local root exploit for OpenSSH versions between 2.0 and 3.0.2. Seems as though its a one-off error, there is no public exploit, but there is sure to be one shortly. They aren't ruling out remote exploit. Recommending patching and upgrading ASAP."
Ummmm, RTFP!
They aren't ruling out the possibility of a remote exploit.
I can't wait for the Daniel J. Bernstein version of ssh.
-russ
Don't piss off The Angry Economist
Nah they don't.;) But I'm working on exploit code as we speak.
Has all the features any Modern Programmer could want. And it has the Highly Secure .net framework built in. What more could you want?
Best Slashdot Co
Four days without a remote hole in the default install!
Not sure if OpenSSH is enabled by default though.