-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 (forwarded from misc at openbsd.org. The affected people ran Redhat) FYI... heads' up from the SSH mail list > > A colleague sent me a very vague e-mail, telling me that I should 'disable > > SSHD now' because of a 'private exploit being circulated since Saturday'. > > > > Anyone know anything about this? > > The following URL should give you some more information: > http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=100696253318793&w=2 Given the other issue of Kerberos pre-v3, an update to the latest OpenSSH 3.0+ seems warrented. http://www.oreillynet.com/lpt/a/linux/2001/11/26/insecurities.html -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (OpenBSD) Comment: For info see http://www.gnupg.org iD8DBQE8Bu95fexLsowstzcRAn9UAJwPqCgv7n5zBAF7K4EbUGfgml2cLQCfdICG bS4kDoKGWmvGLrp+PXs2kiA= =Z8jF -----END PGP SIGNATURE-----