Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH Vulnerability Disclosed, Version 3.4 Released

Posted by timothy on from the quick-turnaround dept.

Dan writes: "OpenSSH 3.4 has been released and will be shortly available on all mirrors. All versions of OpenSSH's sshd between 2.9.9 and 3.3 contain an input validation error that can result in an integer overflow and privilege escalation. OpenSSH 3.4 fixes this bug." And kylus writes: "The previously mentioned vulnerability in OpenSSH has been disclosed by ISS X-Force today on the BugTraq list. This is a potential remote root compromise, and while there is a workaround, it's advised that users upgrade to version 3.4 as soon as they can."

2 of 336 comments (clear)

  1. Argh... by Cutriss · · Score: 0, Troll

    What you submitted appears below. If there is a mistake...well, you should have used the 'Preview' button!

    --
    "Mod, mod, mod...and another troll bites the dust."
  2. Re:well... by mr_gerbik · · Score: 1, Troll

    what company would that be?

    oh.. microsoft. HAHAHAHAHAHAHAHAHAHAHAHAHAHA!

    microsoft totally sux0rz d00d! n1c3 j0k3!