Jay wrote:

>*** OpenSSH Remote Root Exploit ***
>
>Hey all. I just sent this to AZIPA and considering the severe impact of a
>remote root exploit, and the fact that many of you are probably running
>OpenSSH, I thought I'd forward it to PLUG too. Details below:
>
I've been following this with some concern since I run ssh for my little 
routing lab. That *used* to make me feel better.

Anyhow, I'm running Debian and just did an apt-get dist-upgrade to 
OpenSSH 3.3p1-0.0potato6. I run sshd only on a non-default port *not* 
covered by nmap by default. I think I'm in pretty good shape, but wanted 
to check with others and see if there are any other recommendations 
(short of shutting it off).

I also noticed the following in my log today. I had updated to 3.3 a 
couple of days ago, so that's what was running when this showed. I just 
don't know enough about the innards of ssh to know if this is an issue:

Jun 26 07:50:09 localhost sshd[14694]: fatal: mm_request_send: write

Thanks to logcheck, things like that get noticed. That's the only 
occurence, and everything else looks like normal activity.

- Bob