You're supposed to be secure! Why you gotta make me hit you?
That's an awesome list of vulnerable systems. This is pretty big, though they claim "chance of a successful exploit of this nature is considered minimal" -- keep in mind, you've got to be running GSSAPI enabled.. like with kerberos or something. Like I do. Let's see... how many thousands of servers do we have to patch? Goody.
Meh. I will get irritated by this after we close down ftp and rexec.
Why am I homeless? Why do all you motherfuckers need homes is the real question. They called it The Prayer, its answer was law Mommy come back 'cause the water's all gone
OpenSSH has had its share of security holes over the years. I'm pretty sure the one time one of my Linux boxes got hacked was through a vulnerable version of OpenSSH. Fortunately for me my version of Linux was so decrepit that the l33t haxx0r code they downloaded onto my machine wouldn't even run properly.
I used to admin a VMS machine configured by someone so paranoid it had no "standard" paths. It was a bloody pain, but we were pretty certain even if someone got in they would be incapable of doing anything. We certainly weren't...
Author
