New ssh Exploit in the Wild 754
veg writes "In the last few hours there have been several reports of a new ssh bug, with an exploit seemingly in the wild. Oh god not again... The lengths some people will goto to try and damage Theo's pride." Update: 09/17 00:24 GMT by T : friscolr writes "Hot on the heels of rev 1 of the buffer.adv advisory, here is revision 2, which fixes more than revision 1 did. Also see the 3.7.1 release notes."
Uh oh (Score:5, Funny)
Hooray! (Score:1, Funny)
Public Service (Score:5, Funny)
Telnet (Score:5, Funny)
This is why I refuse to use ssh. (Score:1, Funny)
ssh is just for losers who can't set up teransparent network layering.
bugs?? (Score:1, Funny)
=)
guess who (Score:5, Funny)
How long until... (Score:-1, Funny)
Re:bugs?? (Score:1, Funny)
I saw this exploit used (Score:5, Funny)
A librarian peeked around the corner to see where the noise was coming from, then put her finger to her lips and said, "Ssh!"
The kids ignored her and kept talking, completely and utterly exploiting the hole, and circumventing the 'Ssh'!
Never was I so frightened.
Re:Telnet (Score:3, Funny)
Re:Suggestions for a newbie? (Score:0, Funny)
Re:Suggestions for a newbie? (Score:1, Funny)
Re:Telnet (Score:-1, Funny)
I'm getting myself a couple of carrier pigeons. Hmm...or maybe three, I need the bandwidth.
Obligatory programming joke (Score:2, Funny)
Remember to use long jumps if you want to goto more than 255 bytes of pride-damaging.
Re:Telnet (Score:1, Funny)
Re:For Gentoo (Score:-1, Funny)
Gentoo Linux is an interesting new distribution with some great features. Unfortunately, it has attracted a large number of clueless wannabes and leprotards who absolutely MUST advocate Gentoo at every opportunity. Let's look at the language of these zealots, and find out what it really means...
"Gentoo makes me so much more productive."
"Although I can't use the box at the moment because it's compiling something, as it will be for the next five days, it gives me more time to check out the latest USE flags and potentially unstable optimisation settings."
"Gentoo is more in the spirit of open source!"
"Apart from Hello World in Pascal at school, I've never written a single program in my life or contributed to an open source project, yet staring at endless streams of GCC output whizzing by somehow helps me contribute to international freedom."
"I use Gentoo because it's more like the BSDs."
"Last month I tried to install FreeBSD on a well-supported machine, but the text-based installer scared me off. I've never used a BSD, but the guys on Slashdot say that it's l33t though, so surely I must be for using Gentoo."
"Heh, my system is soooo much faster after installing Gentoo." .debs can be rebuilt with a handful of commands (AND Red Hat
supplies i686 kernel and glibc packages), my box MUST be faster. It's nothing
to do with the fact that I've disabled all startup services and I'm running
BlackBox instead of GNOME or KDE."
"I've spent hours recompiling Fetchmail, X-Chat, gEdit and thousands of other programs which spend 99% of their time waiting for user input. Even though only the kernel and glibc make a significant difference with optimisations, and RPMs and
"...my Gentoo Linux workstation..."
"...my overclocked AMD eMachines box from PC World, and apart from the third-grade made-to-break components and dodgy fan..."
"You Red Hat guys must get sick of dependency hell..." .rpms together on the command line, and that problems
hardly ever occur if one uses proper Red Hat packages instead of mixing
SuSE, Mandrake and Joe's Linux packages together (which the system wasn't
designed for)."
"I'm too stupid to understand that circular dependencies can be resolved by specifying BOTH
"All the other distros are soooo out of date."
"Constantly upgrading to the latest bleeding-edge untested software makes me more productive. Never mind the extensive testing and patching that Debian and Red Hat perform on their packages; I've just emerged the latest GNOME beta snapshot and compiled with -O9 -fomit-instructions, and it only crashes once every few hours."
"Let's face it, Gentoo is the future."
"OK, so no serious business is going to even consider Gentoo in the near future, and even with proper support and QA in place, it'll still eat up far too much of a company's valuable time. But this guy I met on #animepr0n is now using it, so it must be growing!"
-
Re:Suggestions for a newbie? (Score:2, Funny)
I fail to see.... (Score:2, Funny)
Re:Ermm.. can anyone say "Microsoft" (Score:1, Funny)
No kidding. Let me guess, ignoring the sun, it's dark?
WOW!! (Score:5, Funny)
I must be on the wrong site.
NarratorDan
Re:deceit (Score:5, Funny)
Re:Does this effect Cygwin??? (Score:5, Funny)
This is precisely... (Score:4, Funny)
...why I always go back and add security holes to all of my programs. If some future (or current) anti-regime hacker needs to be able to break into a local power plant, I want to make sure my code can help!
[I considered signing this post "love, Theo" but then thought better of it.]
Re:MOD PARENT DOWN (Score:5, Funny)
It'd serve you right if he gave you one.
Re:install base (Score:5, Funny)
That's okay, I will.
I bet this guy's life that a server on the bottom of the ocean is secure.
Re:Uh oh - no funny (Score:5, Funny)
Re:Suggestions for a newbie? (Score:3, Funny)
In fact, you don't need to imagine it. Microsoft are on the record as stating that it's one of the reasons why they can't possibly reveal Windows source mode widely [eweek.com].
Theres little time (Score:2, Funny)
2. ???
3. WTF?
4. Profit!!!
Re:GOOD!! Red Hat, fix your RPMs!! (Score:4, Funny)
I think you mean:
Gentoo
Re:Why all the lsh plugs? (Score:1, Funny)
It's must be a conspiracy by the GNU viral license advocates to wipe out "free"BSD licensed software!
Re:See this comment for BSD patch and info (Score:3, Funny)
Dr. Evil says... (Score:1, Funny)
That was a pre-emptive Ssh!
Re:mod parent up please (Score:3, Funny)
Re:not worried... (Score:1, Funny)
i cant get modded up if jesus came back with mod points