1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
I should point out that this in no way confirms OpenSSH to be vulnerable. |
5 |
|
6 |
Do you run a webserver, perhaps with PHP or other risky server-side |
7 |
scripts enabled? Do you run any other services that may be a security |
8 |
risk (mail, database, etc)? Have you ever logged in remotely over an |
9 |
insecure connection or from a public access computer? |
10 |
|
11 |
One incident does not mean there is a 0day exploit for OpenSSH. |
12 |
- -- |
13 |
Dan ("KrispyKringle") |
14 |
Gentoo Linux Security Coordinator |
15 |
-----BEGIN PGP SIGNATURE----- |
16 |
Version: GnuPG v1.2.4 (Darwin) |
17 |
|
18 |
iQEVAwUBQQ6pR7DO2aFJ9pv2AQIH4Af/fO51vE1mH75SrudZDVwHI/v0bNfv1C9b |
19 |
BufMWA4wI8F+5qPTV1U6wHkS2pqGfiY/dqcTHTMotFwn3egFHZQktngJXvWy3FjN |
20 |
fkQQCDuSo1EYiM6sl42qBspYYvS1x6gBs1XCkjrZ88wobYQhwIWu/i88Mdvv4zoF |
21 |
lBu2J+gISXsWEBiUT8KAoMhHN8Y7UY9Ip4Liq8kF7jZlZtx1Xl/zRdkfFRzMdVV4 |
22 |
heZr2ccD7OVYLAegbK04c20qvQ4Qprl2YBUk2VFxbxcy+cUJM8/qCH5s7XVTa8+2 |
23 |
j5KoAKT04DPs2SjdK+YVIlr2xYZ5DBFWlmFgvrVyf0xBSXBlpaYl7Q== |
24 |
=gTdc |
25 |
-----END PGP SIGNATURE----- |
26 |
|
27 |
-- |
28 |
gentoo-security@g.o mailing list |