Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH Local Root Hole

Posted by michael on from the say-it-ain't-so dept.

maelstrom writes: "Looks like someone's found a local root exploit for OpenSSH versions between 2.0 and 3.0.2. Seems as though its a one-off error, there is no public exploit, but there is sure to be one shortly. They aren't ruling out remote exploit. Recommending patching and upgrading ASAP."

1 of 490 comments (clear)

  1. I'm going back to telnet by cluge · · Score: 2, Troll

    How many exploits can one "secure" softare package have? I mean jesus, BSD is fairly secure and this project is supposed to have BSD style security checks. What went wrong.

    Information like this makes me

    A. Consider purchasing SSH from a commercial source because the AMOUNT of problems with it is less

    B. Going back to telnet!

    Not many people out there with sniffers between my box and my connection. Lots of l33t haX0rS with worms probing port 22.

    --
    "Science is about ego as much as it is about discovery and truth " - I said it, so sue me.