In Openssh is een security bug gevonden, dus update je SSH versie.
Volg de link en volg de instructies.
[quote]
II Problem Description
OpenSSH multiplexes `channels’ over a single TCP connection in order
to implement X11, TCP, and agent forwarding. An off-by-one error in
the code which manages channels can result in a reference to memory
beyond that allocated for channels. A malicious client or server may
be able to influence the contents of the memory so referenced.
III. Impact
An authorized remote user (i.e. a user that can successfully
authenticate on the target system) may be able to cause sshd to
execute arbitrary code with superuser privileges.
A malicious server may be able to cause a connecting ssh client to
execute arbitrary code with the privileges of the client user.
[/quote]
[url=ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02%3A13.openssh.asc]Link[/url]
damn dat is de 2de bug al in korte tijd….
maar goed dat het veiliger is dan telnet 🙂
alhoewel ? 😉
De bug is (waarschijnlijk) niet exploitable onder *BSD.