● ssh 1.2.26 vulnerability - 荔园在线 | 深圳大学学生论坛,荔园晨风BBS,深大在线网站

荔园之美，在春之萌芽，在夏之绽放，在秋之收获，在冬之沉淀

发信人: Lg (创造人生的传奇), 信区: Hacker
标  题: ssh 1.2.26 vulnerability
发信站: BBS 荔园晨风站 (Sun Nov  8 19:04:39 1998), 站内信件 (WWW POST)

As most of you are aware, the Rootshell site was compromised on October
28th.  In order to keep the integrity of our investigation we have been
fairly closed-lipped about this incident until now.  This has led to
widespread rumors and speculation by netizens who have zero first hand
knowledge about the break-in.

Some people now believe that we had no evidence of an ssh break-in.  SSH
Communications Security Ltd. even went as far as saying they have analyzed
the Rootshell logs, etc.  Unless they have broken into our network this is
not possible.  We at Rootshell believe they are now simply in damage control
mode and nothing else.

Since the very beginning, Rootshell has been working very closely with the
folks at CERT, and the members of law enforcement to track down the
individuals responsible for the Rootshell break-in.  As the ssh issue has
been a very sensitive topic we have avoided making any statements until we
were sure about anything one way or the other.  The *ONLY* thing Rootshell
has ever said in public about SSH until now has been "The paranoid MAY want
to disable ssh 1.2.26."

In order to show the type of evidence Rootshell has received at this point,
below you will find a draft that IBM was intending to release on Monday
about SSH.  They appear to have jumped the gun slightly and do not have
working exploit code, but have found possible buffer overflows in the ssh
1.2.26 code.  Rootshell has also received further reports of exploit code
going around in various circles.  SSH Communications Security Ltd. has
evaluated this bulletin and now believes it is actually not a problem.

Rootshell will continue its investigation of this matter as well as other
security issues and will make this information public as soon as possible.
I hope that this bulletin will at the very least put an end to the wild
speculation that this was a hoax, or that we are just in the business of
making wild accusations.

Please see http://www.ssh.fi/sshprotocols2/rootshell.html for their
"analysis" of events.  It is sad that we had to learn of this URL from
Slashdot.org instead of SSH directly.  They appear to have some serious
communications dificuilties.  Both Rootshell and CERT were met with
unanswered phones at SSH Communications Security Ltd. and Data Fellows when
we attempted to research this matter.  Perhaps after this incident they can
work on correcting these issues.

SSH is a trademark of SSH Communications Security Ltd.  All rights reserved.
-

--
☆ 来源:．BBS 荔园晨风站 bbs.szu.edu.cn．[FROM: 210.39.0.47]

荔园在线首页友情链接：深圳大学深大招生荔园晨风BBS S-Term软件网络书店