From owner-ssh@clinet.fi Sat Jun 2 03:34:31 2001 Received: from smtp1.clinet.fi (smtp1.clinet.fi [194.100.2.57]) by hutcs.cs.hut.fi (8.9.3/8.9.3) with ESMTP id DAA21094 for ; Sat, 2 Jun 2001 03:34:31 +0300 (EET DST) Received: from mail.clinet.fi (mail.clinet.fi [194.100.0.7]) by smtp1.clinet.fi (Postfix) with ESMTP id E48D4214B2; Sat, 2 Jun 2001 03:34:30 +0300 (EEST) Received: (from majordom@localhost) by mail.clinet.fi (8.9.3/8.9.3) id DAA29520 for ssh-outgoing; Sat, 2 Jun 2001 03:07:47 +0300 Received: from cookiemonster.hq.ny.genx.net (cookiemonster.hq.ny.genx.net [206.64.4.77]) by mail.clinet.fi (8.9.3/8.9.3) with SMTP id DAA29517 for ; Sat, 2 Jun 2001 03:07:46 +0300 Received: (qmail 21820 invoked from network); 2 Jun 2001 00:07:28 -0000 Received: from virus.fx.genx.net (HELO virus) (63.114.211.48) by mailhost.hotjobs.com with SMTP; 2 Jun 2001 00:07:28 -0000 Message-Id: <3.0.5.32.20010531201339.00b868b0@fs3.ny.genx.net> X-Sender: rpinz@fs3.ny.genx.net X-Mailer: QUALCOMM Windows Eudora Pro Version 3.0.5 (32) Date: Thu, 31 May 2001 20:13:39 -0400 To: ssh@clinet.fi From: Ron Pinz Subject: OpenSSH 2.2 vulnerability? Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-ssh@clinet.fi Precedence: bulk Anyone have specific information regarding the hole(s) used to hack the Apache Software Foundation? I have included the link that generically discusses the hack and it's implications to the ASF below... http://www.apache.org/info/20010519-hack.html I can't seem to find additional references regarding OSSH2.2 vulnerabilities... Ron Pinz GenX.net Senior UNIX Hacker rpinz@genx.net