246

'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems(www.computing.co.uk)

posted
by
Avatar
Blaze@lemmy.zip
in
Avatar
linux@programming.dev
39 comments
hidereport
Sort:
HotTopControversialNewOld
You are viewing a single thread.
View all comments
Avatar
mumblerfish@lemmy.world
38 points

If I’m not mistaken, it seems like this is a timing attack and you need a lot of attack attempts to make it work. If you have like a fail2ban rule for ssh it should mitigate this attack to quite some degree, right? (Of course updating would still be the best).

permalink
report
reply
Avatar
shastaxc@lemm.ee
12 points

While statistically unlikely, it would be possible to exploit the vulnerability on the first attempt

permalink
report
parent
reply
Avatar
mumblerfish@lemmy.world
4 points

That’s true.

permalink
report
parent
reply

Linux

!linux@programming.dev

Create post

A community for everything relating to the linux operating system

Also check out !linux_memes@programming.dev

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

Community stats

  • 1.8K

    Monthly active users

  • 659

    Posts

  • 5.4K

    Comments

Community moderators