[ Thanks to linuxnews.pl for this link.
]
“A vulnerability which can be very dangerous for lot of *nix
servers has been descovered. Bug is in the ssh server, and it can
be used to perform remote root exploit. Problem concerns all ssh
versions form ssh.com, OpenSSH < 2.3.0 and ssh from
f-secure.”
“Being sentenced to use MS Windows 2000 for past week or so,
I’ve finally managed to install Linux on my workstation.
Unfortunately, as I’ve been really frustrated by all the paperclips
and so on, I’ve decided to spend this night on something more
productive than idling on irc. And it happened. To be short:”
“Both OpenSSH and ‘classical’ ssh daemons are vulnerable to
remote arbitrary memory overwrite attack, which would, in my humble
opinion, lead to direct root compromise. I haven’t exploited it,
and I have no slightiest will to do it (I guess the last thing we
need is an exploit flying in the wild)… Certainly it requires
attacker to understand SSH algorithms and internals, and isn’t just
a copy-and-paste programming. This attack can be performed without
almost any knowledge about victim machine.”
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.