OpenSSH Vulnerability Discovered

farker haiku writes "Those of you who haven't heard of the metasploit project, it's an open source product for performing security audits. This time they've managed to find a remote buffer overflow in OpenSSH. Ya'll might want to read the link and then do whatever updating is necessary." It's unfortunate that something like this gets released today since nobody will bother to patch.

Beer sploit confirmed!

[Ckwop]

My stomach had a couple of buffer overflows last-night. It was sploited by Arthur Guinness, well known for his ingenious bowel movement exploits.

It may take a life time to fix this vulnerability :(

Simon

Re:Beer sploit confirmed!

[glasn0st]

SePo!!!!

Re:Beer sploit confirmed!

[MustardMan]

Using beer as exploit!? Brilliant!

Re:Beer sploit confirmed!

[kwark]

AKA social engineering

Re:Beer sploit confirmed!

[edunbar93]

You should see what it does to our servers! Once it gets into the USB ports, it's game over man.

Re:Beer sploit confirmed!

[brouski]

Brilliant!

Re:Beer sploit confirmed!

[nacturation]

The funny thing about it is that nobody would get fooled. "Hole in OpenSSH? Obviously an April Fools joke." Had it been an article about a new Sendmail exploit, people would be saying "Oh, crap... you had me there. That's just not funny! I thought I'd be spending all Saturday patching."
 

Re:Beer sploit confirmed!

[Slashcrap]

The funny thing about it is that nobody would get fooled. "Hole in OpenSSH? Obviously an April Fools joke."

Oh yeah, because there's never been a serious, pre-authentication remote root in OpenSSH. And thousands of people didn't get hacked by it.

It's in the Matrix movie for fucks sake. And what do you think was the cause of that "One remote hole in the default install in 8 years" on the OpenBSD site? Yes, well done - OpenSSH.

I don't care! Exploit me!

[Opportunist]

C'mon, I dare you to send 1025 beers my way!

Beersploit

[cj171]

I don't know...if my buffer was overflowed with 1025 beers, I might not care about the pink....

then again I might not care about much at all at that point

Cheers!

Kilobeer

[jrmcferren]

I guess that this will only allow the sending of one kilobeer.

Re:Follow the standards!!!

[jrmcferren]

I grew up with kilobytes, megabytes and gigabytes being multiples of 1024. While kilohertz, megahertz, and gigahertz being multiples of 1000. I grew up during the '90s. Normally I would post this as AC, but it's April fools day so I will post it normally (might get an insightful).

Re:Follow the standards!!!

[dan dan the dna man]

but certainly not a +1 funny ;)

Re:Follow the standards!!!

[shreevatsa]

Unfortunately, a megabyte in a file size means 1024*1024 bytes, a megabyte capacity of a hard disk means 1000*1000 bytes, a 1.44 MB floppy has 1024*1000 bytes, and a 1 megabit per second data transfer rate is 1000*1000 bits per second. And of course, there are the usual meanings of kilo-, mega-, and giga- when used with almost all SI units.
You may not like the "mebibyte" and "gibibyte" names, but you've got to admit that the whole thing is a mess and something needs to be done to resolve the confusion.

Re:Follow the standards!!!

[lahi]

There really is no mess. SI just needs to accept the de facto norm that the base and exponent of the multiplier of a prefix depends on the unit it prefixes.

So, for all traditional physical units:
k : base = 10 , exponent = 3, M: base = 10, exponent = 6, etc

For bits and bytes etc:
k: base = 2, exponent = 10, M: base = 2, exponent = 20, etc

Simple. No bibology or kibology or any other sillyness needed.

-Lasse

Re:Follow the standards!!!

[turbidostato]

"k: base = 2, exponent = 10, M: base = 2, exponent = 20, etc
Simple"

It migth be not so simple when even the proponent (aka "you") isn't able to apropiately manage the numbers, don't you think so?

How the heck can you use an "exponent 20" when you are working base2? Remember, within base2, the number 2 is the forbidden one: only ones and zeroes allowed.

Re:Follow the standards!!!

[lahi]

May I suggest you change your name though simple transpositioning to stubidoratto? It would be more fitting.

Using your logic, everything is base 10, because whenever the word base is used, noone expects decimal numbers, right?

-Lasse

"Always be ready to speak your mind and a base man will avoid you." (William Blake)

Re:Kilobeer

[Mr. Haplo]

Actually, it's a Kibibeer + 1. A Kilobeer (KBr) would be 1000 beers. A Kibibeer (KiBr) is 1024 beers.

#include

[Radical250]

This exploit has been found to be connected to a flaw in the Beer.h library. Work to resolve this issue will be resumed shortly after those responsible are sober again.

Re:#include

[Opportunist]

My first guess was that the #included alcohol.h in beer.h was responsible, but even after removing it, I still had an overflow problem in toilet.h after 1025 beers. And, to be honest, the whole package really sucks without the alcohol.h, to the point of uselessness and I gotta wonder who'd want to use it without the alcohol support?

Anyway. My guess is that the fast workaround for this problem is to limit the MAX_BEERS #define to a sensible value of 0x100 or 0x200 'til the problem is fixed.

Re:#include

[__aaxwdb6741]

I gotta wonder who'd want to use it without the alcohol support?

Certain systems have had their beer limit overflowed and then they kept sending REQUEST's despite having reached the defined BEER_LIMIT, so they are trying to avoid alcohol support untill some platform-dependant issues are resolved.

Anyway, the alcohol.h library is completely insecure and buggy. It causes my terminal to spit out it's core and terminate.

Re:#include

[Opportunist]

Yeah, I had my share of core dumps due to alcohol.h. So what? Yeah, it has its drawbacks. The system loses stability, it doesn't run as fast, reaction could be better, but somehow, I dunno, it just "feels" better, if that makes sense.

Re:#include

[Shadow_139]

No the real problem is it that you did not #include Irish.h and you used beer.h not Real_non_US_Shit_Beer.h [beeradvocate.com]

Then set the limit of MAX_BEERS to a sensible value for a real Irish person of 0x999999999999

Re:#include

[Shadow_139]

Ok, set it to 0xDEADBEEF OR 0XBADBABE then.........

Insert Typical Slashbot April Fools Complaint

[Eagle5596]

Random complaining about April Fools. Mentioning that somehow my pathetic Slashbot life is above April Fools. Pretending that this somehow really inconviences me. Random ranting about the quality of Slashdot having degenerated. Not noting that I still seem to be here despite the supposed quality drop. More ranting, possibly about the current article. Protesting the personal problems this story has caused me. Indicating through my lack of a sense of humor that I must be from Finland. More random complaints, followed by a lack of the irony that I am so pathetic to take this joke personally.

----
-Signiture as unamusing as the current slashdot story.

Re:Insert Typical Slashbot April Fools Complaint

[Eagle5596]

Insignificant self righteous followup to include the comments I forgot about. Not mentioning that if I hadn't been a douche and used the preview button, this wouldn't be a followup. Idiotic closing insult.

Re:Insert Typical Slashbot April Fools Complaint

[Uber Banker]

Comment to complain about grammer and spelling promlem's that the very reply also exhibits.

Re:Insert Typical Slashbot April Fools Complaint

[pohl]

snarky, bad meta-level joke

Re:Insert Typical Slashbot April Fools Complaint

[nacturation]

<Donut[AFK]> HEY EURAKARTE
<Donut[AFK]> INSULT
<Eurakarte> RETORT
<Donut[AFK]> COUNTER-RETORT
<Eurakarte> QUESTIONING OF SEXUAL PREFERENCE
<Donut[AFK]> SUGGESTION TO SHUT THE FUCK UP
<Eurakarte> NOTATION THAT YOU CREATE A VACUUM
<Donut[AFK]> RIPOSTE
<Donut[AFK]> ADDON RIPOSTE
<Eurakarte> COUNTER-RIPOSTE
<Donut[AFK]> COUNTER-COUNTER RIPOSTE
<Eurakarte> NONSENSICAL STATEMENT INVOLVING PLANKTON
<Miles_Prower> RESPONSE TO RANDOM STATEMENT AND THR

Re:Insert Typical Slashbot April Fools Complaint

[Bozzio]

Reply complaining about obvious grammar and spelling mistakes while completely missing the joke.

Re:Insert Typical Slashbot April Fools Complaint

[Ctrl-Z]

Off-topic reply piggy-backing on high-karma thread to have comments appear near the top of the page.

Re:Insert Typical Slashbot April Fools Complaint

[caffeination]

Clichéd Informative karma whore reply explaining that Funny mods yield no karma unto the poster.

Re:Insert Typical Slashbot April Fools Complaint

[Uber Banker]

Complaint about the misuse of irony in the original comment, even thought there was a good chance it was used correctly. Something about karma whoring. Also request other users do not post AC.

Re:Insert Typical Slashbot April Fools Complaint

[Uber Banker]

That further post made be someone else in the thread replying to the wrong post.

Re:Insert Typical Slashbot April Fools Complaint

[MarauderIIC]

WORDS OF PRAISE FOR FISHFOOD

Re:It's a dirty job but someone has to do it...

[themusicgod1]

Soviet Russia Joke employing content from the above post and YOU.

Request to Moderators

[tpv]

Request to moderators to lift score of parent.

Annoying reactionary flame

[caffeination]

Obligatory claim to be sick of this type of rant. Nitpicking of missing characteristics tied cleverly into a logical ambush that others visit anyway. Faux disgust at perceived "racist" joke". Redundant yet Insightful reminder that you aren't forced to come here. Lone two-word expletive and/or insult and/or personality criticism whose position and abruptness will surely send parent into depression.

Re:Annoying reactionary flame

[__aaxwdb6741]

Expected complimentary asslicking of grandparents post and irrelevant criticism of your opinions, avoiding the points given.

Re:Annoying reactionary flame

[Bluesman]

Thinly veiled insult. Latin words from Freshman Debate 101!!

Self-congratulatory explanation of logical fallacies of above argument. Arrogant insinuation that I am smarter than you. More big words, many in italicized non-English, attempting to display my advanced education.

Re:Annoying reactionary flame

[Eagle5596]

Insightful insinuation that you are all just trying to ride my Karma train. Invitation to have sexual intercourse with yourself. Outrageous complaints and self righteous bullshit.

Re:Annoying reactionary flame

[Jesus_666]

Completely uncalled-for assumption that this whole thread is the USA's fault and that European users would have posted more insightful comments, flamed with more style, defeated software patents, cured cancer or all of the above.

Re:Annoying reactionary flame

[smittyoneeach]

Right-wing reactionary onslaught, with paranoid delusional innuendo about black helicopters piloted by men with onions for heads, denounciation Europe in general, and anyone posting to /. therefrom in particular. Extra heaping of abuse for France, delivered with a bit of Grey Poupon thereon, about how the only real flame left in Europe centers on automobiles.

Schizophrenic adoration and condemnation of Bush over stem cell policies[1] and their impact on cancer cures.

Personal vow to give up /., email, the internet, and everything and become Amish.

[1] Meaningless footnote to supply veneer of academic rigor.

Re:Annoying reactionary flame

[flynns]

Reminder that one cannot Godwin a thread simply by mentioning Godwin.

Re:Insert Typical Slashbot April Fools Complaint

[rtaylor]

One hilarious April fools joke would have been to run Slashdot very professionally during this time. No spelling or factual errors, no dupes, article summaries that actually apply to the article, etc.

Once the 1st was over they could then return to their usual methods.

Just think of all the people that avoid the site during this time because of the way it operates during this time period.

Re:Insert Typical Slashbot April Fools Complaint

[Dragon_Hilord]

You need to recompile your kernel and #include "tollerance_awsome.h"!

Re:Insert Typical Slashbot April Fools Complaint

[Jtoxification]

Begin flame war, 70 lines of ranting views, and two lines of bash.

Re:Insert Typical Slashbot April Fools Complaint

[mindriot]

#!/bin/bash
echo "Here's your two lines."

Re:Insert Typical Slashbot April Fools Complaint

[bitspotter]

Uncritical implementation of the Unity Fallacy [r30.net]

Re:Insert Typical Slashbot April Fools Complaint

[kemichail]

Random comment on nerdiness of /.ers and self-depreacting note regarding the lack of the forums collective experience in seksual endeavors.

OpenSSH hacked, Theo deRaadt kicked out

[pureeville]

Theo deRaadt kicked out of the OpenBSD project. Finally.

Re:OpenSSH hacked, Theo deRaadt kicked out

[Old Wolf]

Theo deRaadt

O, the dead rat!

Nice

[Geoffreyerffoeg]

This one actually fooled me. Fifteen LOL's and one in normal English - brilliant.

Somebody used this to hack the slashdot.jp page

[Anonymous Coward]

Using the recently discovered openssh hole, hackers^Wvandales defaced the slashdot.jp page, and changed the new pink color scheme back to the old ugly green theme. Management of slashdot was not available for comment.

--
me spell? me not even now eigo.

Hey the spirit is still there.

[technoextreme]

http://slashdot.jp/security/article.pl?sid=06/03/3 1/0518253 [slashdot.jp]
Guess what two of the posts say. April fool. No. I don't read Japanese. The only words in English on that website is April fool.

Re:Hey the spirit is still there.

[Jesus_666]

According to my translation software the story has something to do with Knuth selling Microsoft TeX. I didn't know Microsoft had their own version of TeX...

Re:Hey the spirit is still there.

[poopdeville]

They're going to use the TeX engine in the next version of Word.

Enough already!

[TangoCharlie]

Look, it's not funny anymore. No more April Fools jokes! OK!

The really unfunny thing is that this is _so_ obviously an April
Fools joke, that's it's not even remotely funny. At least the "UK
Government shutting down GSM" was a plausible story, but this...

Sheesh!

Re:Enough already!

[just_another_sean]

Please see this [slashdot.org]. :-)

LINUX DEVELOPERS!!!! LOOK WHAT YOU HAVE DONE!!!

[Anonymous Coward]

LINUX DEVELOPERS!! Look what you've done with your software now!!! You've put out the Sun!!!!

Re:This is not funny...

[lahi]

Hey, lighten up! It's still not as bad as a drawing of Muhammad, now is it?

-Lasse

APRIL FOOLS!!

[cdn2k1]

OMG lol you almost got me there for a second, i was rushing to patch my box but then i fi-#$!#@$%#@^&%

NO CARRIER

Sun Microsystems

[schleyfox]

Have they been alerted of this vulnerability, or has it happened already?

Sites that don't do 4/1?

[Lord_Dweomer]

Taco,

On behalf of the huge number of us who chuckled after the first couple of stories and now want to vomit and find another temporary news site for today...Please, for the love of god, make an option on the front page so you can turn off the April Fools stories and actually get real news. You are a news site, and while it is great to take part in this holiday and have some laughs, there's still plenty of actual news occuring and it pisses a great many of us off that we now have to go to alternate sources

Re:Sites that don't do 4/1?

[yootje]

Dude, don't take life that seriously. Go outside, enjoy the nature, make love / a pie / a tower of legos!

Re:Sites that don't do 4/1?

[Bemopolis]

Your complaints were addressed here [slashdot.org].

Bemopolis

Re:Sites that don't do 4/1?

[Bemopolis]

And here [slashdot.org].

Bemopolis

Re:Sites that don't do 4/1?

[caffeination]

It's kind of scary how closely this guy is actually acting out that post. Scary for him, that is. Time for some self-evaluation?

Re:Sites that don't do 4/1?

[seanvaandering]

Give it up - it's even Saturday - so who really cares anyways - besides, when we would normally dupe everything today for tommorow - now you'll think it's all new news tommorow! How about those apples?

Re:Sites that don't do 4/1?

[BrianPan]

Oh, I see where you're going with this. The quality of posts/timely news angle. Ok, maybe they'll listen to that. Give it a shot.

Good luck with that.

dangerous

[arabagast]

Thinking about how common it is for an average slashdotter to RTFA, this could actually lead to people blindly jumping into their car and speeding away to "patch those boxxors". Nice one!
  I must admit from reading the title my heart missed a beat. Theres's gotta be something real on 1.april, no ?

Workaround

[sash]

No reason to worry - just use iptables:
iptables -I INPUT 1 -mlength --length 0:1024 --protocol beer -j DONTPAY

Re:Workaround

[sash]

Sorry, that was too rushed; it violates bartiquette so badly that it might get you in trouble. Try this instead:
iptables -I INPUT 1 -mlength --length 1025:1000000 --protocol beer -j GETCOFFEE
It works for me.

And in other news

[ettlz]

Theo de Raadt announces he intends to become a monk.

Re:And in other news

[shking]

This is, in fact, quite believable. Consider the following sequence:

1. Theo enjoys good beer
2. Monks make very good beer
3. Theo enjoys the monk's very good beer

Attention Grammar Police!

[shking]

Whoops! Please allow me to correct the apostrophe misplacement:

3. Theo enjoys the monk's very good beer

Re:Attention Grammar Police!

[shking]

Whoops again! Please allow me to correct the incorrect apostrophe misplacement correction:

3. Theo enjoys the monks' very good beer

Re:Attention Grammar Police!

[ettlz]

Well at least it wasn't:

3. Theo enjoys the monks, very good beer

Re:Attention Grammar Police!

[shking]

That would be hard to swallow. Fortunately, the Ship & Anchor is at least 2 blocks distance from Victoria's, so mixing them up is unlikely.

Re:And in other news

[micromuncher]

Hey I got pictures of TdR kissing his own ass!

April 1st

[gustgr]

No joke from Google this year?

Re:April 1st

[SQFreak]

Of course there is! Don't you read the OMGFANBOI nexus of digg? http://www.google.com/romance/ [google.com] = this year's Google April Fools joke. Oh, and this is highly off-topic. Well, not really; it still is an April Fools joke...

Re:April 1st

[freakmn]

Ahh crap, that was a joke? I've been waiting for something like that for a while. I thought I could find my soulmate. The FAQ seemed reasonable enough. Back to my pathetic life.

Re:April 1st

[MarkByers]

No new enhancements to GMail either? :(

APRIL FOOLS!

[Eideteker]

APRIL FOOLS!

Actually not bad.

[Grendel Drago]

At least this one got me to click on the link. "Well, if a new exploit was just discovered, they'd tell us, even though it's April Fool's..." I still want to stab Taco with a fork for that stupid AOL-speak shit, though.

fools

[J05H]

if that's a real SSH hole, they should no better than to release warnings on April 1st.