As usual, you may want to either raise shields (i.e. disable/restrict access to the ssh service), or pay extra attention to what is happening on your SSH inbound gateways...
http://lwn.net/Articles/340360/ http://isc.sans.org/diary.html?storyid=6742 http://secer.org/hacktools/0day-openssh-remote-exploit.html Yes, it could be a hoax, and I sure hope that's all it is... -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
