[rescue] [geeks] PSA: Remote root, OpenSSH 3.5p1, FreeBSD

Phil Stracchino alaric at metrocast.net
Sat Jul 2 11:07:05 CDT 2011

On 07/02/11 07:23, Sevan / Venture37 wrote:
> On 30 June 2011 18:27, Phil Stracchino <alaric at metrocast.net> wrote:
>> http://lists.grok.org.uk/pipermail/full-disclosure/2011-June/081722.html
>> (Sorry if this duplicates, sent from the wrong account first time)
> http://lists.grok.org.uk/pipermail/full-disclosure/2011-July/081730.html
> Anyone still running FreeBSD 4.x in production?

It was separately noted elsewhere that this disclosure cites OpenSSH
3.5p1 on FreeBSD 4.x.  The disclosure does not stipulate anywhere that
this is the ONLY combination of platforms upon which the vulnerability
exists, merely that this is the combination on which it was
demonstrated.  The offending code module is present up until OpenSSH
5.2.  It is therefore possible that OpenSSH versions up to 5.2 are
vulnerable to this attack.

  Phil Stracchino, CDK#2     DoD#299792458     ICBM: 43.5607, -71.355
  alaric at caerllewys.net   alaric at metrocast.net   phil at co.ordinate.org
  Renaissance Man, Unix ronin, Perl hacker, SQL wrangler, Free Stater
                 It's not the years, it's the mileage.

More information about the rescue mailing list