North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Rootshell -- update

  • From: Adam D. McKenna
  • Date: Sun Nov 01 13:19:49 1998

>From http://www.ssh.fi/sshprotocols2/rootshell.html

NO KNOWN VULNERABILITIES IN SSH-1.2.26
The Rootshell page (www.rootshell.com) was modified by hackers on October
28th. The server running the page had Secure Shell 1.2.26 and it is assumed
that the entry was made via Secure Shell. This assumption is based on the fact
that no other service allowing connections was active.

SSH Communications Security also made an analysis of the problem, during which
the Secure Shell source code was thoroughly checked. No buffer overflows nor
any other security bugs were found. THERE ARE NO KNOWN VULNERABILITIES IN
SSH-1.2.26.

At the moment, it looks most likely that the Rootshell break in was made with
legitimate authentication that was gained by some means external to Secure
Shell. More information will be given if further analysis sheds more light to
the attack.

Last update November 1, 1998

---
bash: syntax error near unexpected token `:)'

Adam D. McKenna
[email protected]