New Vulnerabilities in Portable OpenSSH 324
An anonymous reader writes "The OpenSSH team has uncovered multiple exploitable vulnerabilities in the days-old portable release of OpenSSH. That's right folks: time to patch *again*. 3.7.1p2 is now available. Instructions and mirror list here. Please note that this vulnerability only affects *portable* OpenSSH--so if you are running OpenBSD, you're safe. This vulnerability apparently has to do with PAM, so you can use the 'UsePam no' option in your config file. Info on the advisory here and here."
hmm (Score:5, Funny)
-ted
A solution? (Score:5, Funny)
Wouldn't that prevent anyone from loging-in? I guess that's a solution. Why not disconnect the network cable, too?
Time for a new spin on security practices? (Score:4, Funny)
You should switch to \/\/ind0w5! (Score:0, Funny)
Re:hmm (Score:5, Funny)
Re:Non-standard configuration (Score:1, Funny)
Become a nudist, and wear a ski-mask over your head.
When will it end? (Score:3, Funny)
When will people learn that non-stick cooking spray causes more harm than good? Unneeded fat, calories and remote root exploits are just some of the problems caused by these unsavory products. For god's sake, people...there are better ways to dissipate heat and prevent sticking and burning. For one, turn that CPU clock speed down! Just because you can fry an egg on your motherboard, doesn't mean you should! That's what the CD-ROM drive is for!
Not the way to compete with MS (Score:2, Funny)
On second thought, maybe more patches will make IT managers think that OSS=MS in quality and will begin to use OSS more because it is as good as MS.
NarratorDan
New Motto (Score:5, Funny)
Yippee! (Score:5, Funny)
This is just like being a MCSE! Now I can hang out with the NT guys and chat about patching!
Microsoft are the reason (Score:2, Funny)
Re:hmm (Score:3, Funny)
Re:hmm (Score:1, Funny)
Re:hmm (Score:3, Funny)
Yes, sorry about that. I discovered an exploit when I inserted a 'long' into a 'short' buffer in PAM's module...
Re:Yippee! (Score:2, Funny)
You think you're joking but you're not (Score:3, Funny)
Take "OPEN" out of the name (Score:2, Funny)
Ya know, maybe it's time to take the word "Open" out of OpenSSH. It's becoming too much of a self-fulfilling prophecy.
How about "TheSourceIsOpen_ButWeWillBeDamnedIfYouGetInWitho