Results 1 to 25 of 65
Thread: Heads up - Openssh 4.3* 0day
Threaded View
-
07-03-2009, 05:54 PM #1Disabled
- Join Date
- May 2006
- Posts
- 1,426
Heads up - Openssh 4.3* 0day
Note: I thought I posted this yesterday, either I forgot to hit submit or a mod deleted it for some reason, if mods dont want this thread up lemme know
I have heard this from a reliabl;e source. Was a recent pretty big site that got hacked, they had a forensic speciliast come in and recover the partitons and such. There is like 500 mb of logs and such related to the hack and I have some info on it. It all started at openssh, not a password login either. The hacker was able to exploit ssh and get in without even showing up as system user somehow.
As far as getting the exploit and exact strings used it was not possible as it is encypted ssh traffic. If someone really knows how to decrypt or read that then I can get you the logs.
Anyway, one of the staff of the site that got hacked- his personal server was hacked with same method, after he upgraded to the latest version of ssh they wanst able to get back in.
So there is defintely an SSH 0day, the current Centos/RHEL SSh versions are all vulnerable. To be on the safe side I advise everyone to upgrade via source or a newer package if you can find one.
One easy way to do it is using the update script from directadmin forums - http://directadmin.com/forum/showthread.php?t=22587 It will work on cpanel servers or any other server as well, is not control panel related. I successfully upgraded mine.
IN yum.conf you need to add *SSH* to the excludes so it doesnt get overwrote with yum update.
I guess I would consider this still a rumor as far as public opinion goes but from what I have seen and heard from various people it is true. it doesnt hurt anything to upgrade so why not to be on the safe side?
If anyone else has any info on this post on it.0
Similar Threads
-
0day Microsoft Vulnerabilities
By izonate in forum Web Hosting LoungeReplies: 2Last Post: 11-15-2002, 08:56 AM -
OpenSSH and FTP
By eddy2099 in forum Hosting Security and TechnologyReplies: 9Last Post: 08-15-2002, 12:50 PM -
Openssh
By MikeMc in forum Hosting Security and TechnologyReplies: 4Last Post: 08-11-2002, 04:22 PM -
OpenSSH 3.4p1-1
By ellebi in forum Dedicated ServerReplies: 0Last Post: 06-27-2002, 04:32 AM -
openssh 3.4
By clocker1996 in forum Hosting Security and TechnologyReplies: 8Last Post: 06-26-2002, 05:42 PM