On October 28th the security of rootshell.com server was
compromised (“Entry to the machine was made via SSH”), and their
web pages were defaced.
Rootshell came forward stating that they would alert people to
exercise caution with ssh (1.2.26).
Shortly thereafter, IBM releases an alert of
possible security problems with ssh.
The original author of SSH responds with this message,
stating that he has thoroughly audited the code and finds no reason
for concern.
Rootshell maintains that they
are not pointing fingers at anyone.
The continuing saga unfolds at Rootshell’s website.