Rootshell -- update

Adam D. McKenna adam at flounder.net
Sun Nov 1 17:48:04 UTC 1998


>From http://www.ssh.fi/sshprotocols2/rootshell.html

NO KNOWN VULNERABILITIES IN SSH-1.2.26
The Rootshell page (www.rootshell.com) was modified by hackers on October
28th. The server running the page had Secure Shell 1.2.26 and it is assumed
that the entry was made via Secure Shell. This assumption is based on the fact
that no other service allowing connections was active.

SSH Communications Security also made an analysis of the problem, during which
the Secure Shell source code was thoroughly checked. No buffer overflows nor
any other security bugs were found. THERE ARE NO KNOWN VULNERABILITIES IN
SSH-1.2.26.

At the moment, it looks most likely that the Rootshell break in was made with
legitimate authentication that was gained by some means external to Secure
Shell. More information will be given if further analysis sheds more light to
the attack.

Last update November 1, 1998

---
bash: syntax error near unexpected token `:)'

Adam D. McKenna
adam at flounder.net





More information about the NANOG mailing list