Slashdot Mirror


New ssh Exploit in the Wild

veg writes "In the last few hours there have been several reports of a new ssh bug, with an exploit seemingly in the wild. Oh god not again... The lengths some people will goto to try and damage Theo's pride." Update: 09/17 00:24 GMT by T : friscolr writes "Hot on the heels of rev 1 of the buffer.adv advisory, here is revision 2, which fixes more than revision 1 did. Also see the 3.7.1 release notes."

11 of 754 comments (clear)

  1. Uh oh by Anonymous Coward · · Score: 5, Funny

    Best patch and upgr..&*[NO CARRIER]

  2. Public Service by Morologous · · Score: 5, Funny

    Posting this to slashdot is actually a public service, as the exploit description will be /.'d and unable to effectively be disseminated to the bad actors.

  3. Telnet by Henry+V+.009 · · Score: 5, Funny

    Thank god I'm using something secure like Telnet instead.

  4. guess who by dwakeman · · Score: 5, Funny

    Damn trinity and her sshnuke...

  5. I saw this exploit used by teamhasnoi · · Score: 5, Funny
    I was at the local library, and some kids were on a computer, talking loudly. They seemed to be rather excited about something.

    A librarian peeked around the corner to see where the noise was coming from, then put her finger to her lips and said, "Ssh!"

    The kids ignored her and kept talking, completely and utterly exploiting the hole, and circumventing the 'Ssh'!

    Never was I so frightened.

  6. WOW!! by narratorDan · · Score: 4, Funny

    I just read all these replies (about 15 right now) and all of them are nice and respectfull of the fact that this guy is a newbie!
    I must be on the wrong site.

    NarratorDan

    --
    "If you're not confused by quantum mechanics, you really don't understand it." - Niels Bohr
  7. Re:deceit by danormsby · · Score: 5, Funny

    Ssh, don't tell anyone.

    --
    Omnis amans amens
  8. Re:Does this effect Cygwin??? by funkman · · Score: 5, Funny

    You are already running windows. You have more serious problems.

  9. Re:MOD PARENT DOWN by Syberghost · · Score: 5, Funny

    A demonstration would be nice.

    It'd serve you right if he gave you one. :-)

  10. Re:install base by ryanvm · · Score: 4, Funny

    The only really secure server is buried in concrete, unlugged and at the bottom of the deepest trench in the ocean. It's *probably* secure there, but I wouldn't bet my life on it.

    That's okay, I will.

    I bet this guy's life that a server on the bottom of the ocean is secure.

  11. Re:Uh oh - no funny by theLOUDroom · · Score: 4, Funny

    Yeah those "NO CARRIER" jokes just aren't fun@~%4!.z^%r#$% NO CARRIER

    --
    Life is too short to proofread.