Critical OpenSSH Patch Released
- URL: http://www.secureworks.com/research/threats/opensshadvisory
- Date: September 16, 2003
- Author: Joe Stewart
***Critical Threat Patch Released***
A critical patch for OpenSSH was released today for which there is exploit code circulating in the underground. If you rely on OpenSSH for any of your servers, you should take steps to upgrade now. It is believed that any OpenSSH version below 3.6.1 is vulnerable. OpenSSH 3.7 has been released to address this vulnerability.
Threat:
Critical
Also consider the threat to OpenSSH on appliance devices; the project leader of OpenSSH had this to say about it: "every single hp and cisco switch containing this code is likely vulnerable." You should contact your vendor for any routers or switches that allow interactive logins to get updated firmware as soon as it is available. You should also ensure that OpenSSH access is only permitted from trusted source addresses and run OpenSSH on a non-standard high port number if possible.
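As an added example (not part of the SecureWorks advisory), a small Python triage script that reads the version string each sshd announces in its banner and flags every OpenSSH install older than the fixed 3.7 release named above, so you know which servers to upgrade and which appliances to chase your vendor about; the host names and banners are constructed sample data, and the 3.7 threshold is the only assumption.

```python
import re
from typing import Dict, List, Optional, Tuple

# The fixed release named in the advisory; anything older gets flagged.
FIXED_VERSION = (3, 7, 0)

# Banner lines as sent by sshd on connect: constructed sample data, not real hosts.
SAMPLE_BANNERS = {
    "web1": "SSH-2.0-OpenSSH_3.6.1p2",
    "db1": "SSH-1.99-OpenSSH_3.4p1",
    "bastion": "SSH-2.0-OpenSSH_3.7p1",
    "switch1": "SSH-1.5-OpenSSH_2.9.9p2",
    "legacy": "SSH-1.5-1.2.27",  # not OpenSSH; this check cannot judge it
}

# Matches "OpenSSH_3.6.1p2" and "OpenSSH_3.7p1"; the portable "pN" suffix is ignored.
_BANNER_RE = re.compile(r"OpenSSH[_-](\d+)\.(\d+)(?:\.(\d+))?(?:p\d+)?")

def parse_openssh_version(banner: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from an sshd banner, or None if not OpenSSH."""
    m = _BANNER_RE.search(banner)
    if not m:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3) or 0))

def needs_upgrade(banner: str) -> Optional[bool]:
    """True if the banner reports OpenSSH older than the fixed release; None if
    the daemon is not OpenSSH. Caveat: a vendor that backports the fix without
    bumping the version string still looks old here, so confirm flagged hosts
    against package or firmware metadata before acting."""
    version = parse_openssh_version(banner)
    if version is None:
        return None
    return version < FIXED_VERSION

def triage(banners: Dict[str, str]) -> Dict[str, List[str]]:
    """Sort hosts into 'upgrade', 'ok' and 'unknown' buckets from their banners."""
    buckets: Dict[str, List[str]] = {"upgrade": [], "ok": [], "unknown": []}
    for host, banner in banners.items():
        verdict = needs_upgrade(banner)
        key = "unknown" if verdict is None else ("upgrade" if verdict else "ok")
        buckets[key].append(host)
    return buckets

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_BANNERS).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```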
This vulnerability is also a prime target for a worm: with all the Microsoft worms released in the past few months, a Linux/Unix worm would likely gain high-profile media attention. This fact will not escape would-be malcode authors.
Remediation:
If you would like to compile the latest version before your vendor makes packages available, you can download source code for version 3.7 from: