CERT, courtesy of an ISS X-Force alert, reports that there are two related vulnerabilities in the challenge response handling code in OpenSSH versions 2.3.1p1 through 3.3. This may allow a remote intruder to execute arbitrary code as the user running sshd (often root). Read the ISS report here
- Free Whitepaper! The 5 criteria to help you select the right analytics platform for your organization.
- Free Whitepaper! Learn how IT is evolving from producer to enabler, and fostering collaboration around analytics.
- Free Whitepaper! Learn how to create an analytics environment that is governed, scalable and self-serve.