APM: Critical Exploit

Wayne Walker wwalker at bybent.com
Wed Jun 26 10:57:16 CDT 2002


OK,
There is a critical exploit in ssh.  I don't know details, I heard it as
a rumor yesterday.

Today, I found a user on one of my servers running an sshd scanner
looking for exploits.  I've already contacted the FBI and shut the user
down (but the box is hacked, somthing keeps coming up listening on udp
around port 2000 (varies, 2096, 2100,...)

Just a heads up.  I'd recommend everyone update your ssh today.

-- 

Wayne Walker



More information about the Austin mailing list