JR Mayberry wrote:
Supposedly sendmail 8.9.1 is to blame, not ssh. http://www.sendmail.com/sendmail.8.9.1a.html
MIME buffer overflows is *not* a sendmail problem. What made you say this?
I believe the sendmail 8.9.1 speculation comes from the fact that "thanks for 8.9.1" is mentioned on the hacked page twice. Of course they claim they were running qmail. Despite the rampant speculation about ssh-1.2.26 being responsible, it still seems preferable over ssh2 (which is LARGELY unfinished, and rivals even ircd and win98 for the convoluted code of the year award). On the more humorous side of things, It looks like someone at rootshell got fired. http://adimage.blm.net/rootshell/cnjob.gif =) -- Richard Steenbergen <humble@lightning.net> Data Innovations System Admin http://www.bitchx.com/~humble - humble@EFnet - PGP KeyID: 0x21581362 PGP Fingerprint: 7552 6AB2 B9C7 5A1B F1B6 8EA3 DFCF 793D 2158 1362 "Trespassers will be shot! Survivors will be shot again!"