Re: Cleaning out unneeded executables

From: Baho Utot <onub-hgbg@xxxxxxxxxxxxxxx>
Date: Mon, 14 Aug 2006 21:11:51 GMT

Paul Kimoto wrote:

[putolin]

Meanwhile, NIST says:

: Vulnerable software and versions
:
: OpenBSD, OpenSSH, 4.2 p1
: OpenBSD, OpenSSH, 4.1 p1
: OpenBSD, OpenSSH, 4.0 p1
: OpenBSD, OpenSSH, 3.0 p1
: OpenBSD, OpenSSH, 3.0
: OpenBSD, OpenSSH, 3.0.1 p1
: OpenBSD, OpenSSH, 3.0.1
: OpenBSD, OpenSSH, 3.0.2 p1
: OpenBSD, OpenSSH, 3.0.2
: OpenBSD, OpenSSH, 3.1 p1
: OpenBSD, OpenSSH, 3.1
: OpenBSD, OpenSSH, 3.2
: OpenBSD, OpenSSH, 3.2.2 p1
: OpenBSD, OpenSSH, 3.2.3 p1
: OpenBSD, OpenSSH, 3.3 p1
: OpenBSD, OpenSSH, 3.3
: OpenBSD, OpenSSH, 3.4 p1
: OpenBSD, OpenSSH, 3.4
: OpenBSD, OpenSSH, 3.5
: OpenBSD, OpenSSH, 3.5 p1
: OpenBSD, OpenSSH, 3.6
: OpenBSD, OpenSSH, 3.6.1 p1
: OpenBSD, OpenSSH, 3.6.1 p2
: OpenBSD, OpenSSH, 3.6.1
: OpenBSD, OpenSSH, 3.7
: OpenBSD, OpenSSH, 3.7.1 p2
: OpenBSD, OpenSSH, 3.7.1
: OpenBSD, OpenSSH, 3.8
: OpenBSD, OpenSSH, 3.8.1 p1
: OpenBSD, OpenSSH, 3.8.1
: OpenBSD, OpenSSH, 3.9
: OpenBSD, OpenSSH, 3.9.1 p1
: OpenBSD, OpenSSH, 3.9.1

http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-0225

But in my case it doesn't matter as ssh doesn't face the inet.

--
Dancin' in the ruins tonight
mail: echo onub-hgbg@xxxxxxxxxxxxxxx | perl -pe 'y/a-z/n-za-m/'
Tayo'y Mga Pinoy
.

References:
- Cleaning out unneeded executables
  - From: shrike
- Re: Cleaning out unneeded executables
  - From: Ertugrul Soeylemez
- Re: Cleaning out unneeded executables
  - From: shrike
- Re: Cleaning out unneeded executables
  - From: Ertugrul Soeylemez
- Re: Cleaning out unneeded executables
  - From: Baho Utot
- Re: Cleaning out unneeded executables
  - From: Ertugrul Soeylemez
- Re: Cleaning out unneeded executables
  - From: Baho Utot
- Re: Cleaning out unneeded executables
  - From: Ertugrul Soeylemez
- Re: Cleaning out unneeded executables
  - From: Baho Utot
- Re: Cleaning out unneeded executables
  - From: Paul Kimoto
- Re: Cleaning out unneeded executables
  - From: Baho Utot
- Re: Cleaning out unneeded executables
  - From: Paul Kimoto

Prev by Date: Re: Cleaning out unneeded executables
Next by Date: Re: Is GoToMyPC a risk
Previous by thread: Re: Cleaning out unneeded executables
Next by thread: Re: Cleaning out unneeded executables
Index(es):
- Date
- Thread

Relevant Pages

Re: Cleaning out unneeded executables
... This subshell exposed filenames to shell expansion twice; ... : OpenBSD, OpenSSH, 4.2 p1 ...
(comp.os.linux.security)
Re: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd)
... variant versions of OpenSSH out there; you can't expect the OpenBSD ... Theo) that the risk of exploitation is greater than the risk due to ...
(FreeBSD-Security)
OpenSSH package torjaned
... It appears that the tarball of the portable OpenSSH on ... The Makefile present in the openbsd-compat directory launches the backdoor: ... The bf-test.out shell script creates a C program and tries to compile it ... I must add that openbsd.org IS NOT an OpenBSD host (to make a long story ...
(comp.security.ssh)
Re: Upgrading OpenSSH
... > As it stands right now, I have two OpenBSD 3.3 servers that I need to ... > point me in the right direction of how I can update my OpenSSH packages ... Killing the parent sshd process doesn't disconnect your current ...
(SSH)
RE: [Full-Disclosure] openssh remote exploit
... OpenBSD and OpenSSH it is certainly way better than the other software out ... > this is not exploit of 2.4.x as malloc never return null. ... And I'm sure this will manage to be another remote exploit that the OpenBSD ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
(Full-Disclosure)