Re: Is there an openssh security problem?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Am 07.07.2009 um 22:31 schrieb Geoff Galitz:

>
>
>
>> is there a security issue on CentOS 5.3 with openssh 4.3?
>
> If this is a real zero-day exploit.. then yes, there is an issue.  The
> following link may be the best source of information at the moment:
>
> http://isc.sans.org/diary.html?storyid=6742
>
>
> FWIW, I think the second comment about RHEL/Centos in the referenced  
> post is
> a little off-base.  After all, you have to know that a bug exists  
> before you
> can fix it.



Well, there are usually behind-the-scenes communications between  
various vendors to get security-relevant bugs fixed in a coordinated  
fashion.
This community is very small and closely knit - few stuff (if at all)  
spills out before it should.
So, there might be fixes waiting to be released, too. We just don't  
know.

Unless it's a real 0day.
Those are rare, though ;-)



Rainer
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux