NO KNOWN VULNERABILITIES IN SSH-1.2.26 The Rootshell page (www.rootshell.com) was modified by hackers on October 28th. The server running the page had Secure Shell 1.2.26 and it is assumed that the entry was made via Secure Shell. This assumption is based on the fact that no other service allowing connections was active. SSH Communications Security also made an analysis of the problem, during which the Secure Shell source code was thoroughly checked. No buffer overflows nor any other security bugs were found. THERE ARE NO KNOWN VULNERABILITIES IN SSH-1.2.26. At the moment, it looks most likely that the Rootshell break in was made with legitimate authentication that was gained by some means external to Secure Shell. More information will be given if further analysis sheds more light to the attack. Last update November 1, 1998 --- bash: syntax error near unexpected token `:)' Adam D. McKenna adam@flounder.net
participants (1)
-
Adam D. McKenna