[BlueOnyx:12258] SSH 0-day vulnerability
Dogsbody
dan at dogsbody.org
Tue Feb 19 19:07:20 -05 2013
It seems there is a major 0-day vulnerability doing the rounds and a lot
of data is showing SSH as the attack vector, even though the exact
vulnerability hasn’t been fully discovered yet or patched.
The vulnerability seems to mostly affect Redhat/CentOS with cPanel/Plesk
installed but not exclusively which is why I thought I would post it here.
We've taken the choice of locking down all public SSH access on all our
customer servers.
For more information on this vulnerability please see...
http://www.webhostingtalk.com/showthread.php?t=1235797
http://seclists.org/oss-sec/2013/q1/326
https://bugzilla.redhat.com/show_bug.cgi?id=911937
http://forums.cpanel.net/f185/sshd-rootkit-323962.html
Dan
--
Find me online : http://www.dogsbody.info/
More information about the Blueonyx
mailing list