All the latest UK technology news, reviews and analysis
|
|
|
25 Jul 2001
A flaw in SSH Secure Shell protocol has put the Unix community on guard after it emerged that the latest version of the software is vulnerable to attack.
SSH Secure Shell is commonly used in Unix and Linux machines as a method of secure user authentication and data transfer encryption, but version 3.0.0, released late last month, contains a flaw that could give an attacker a foot in the door.
The vulnerability allows a user to remotely log into an account that uses a two-character password, without needing a password at all. Although such instances are uncommon, they happen often enough to pose a threat to a high number of networks.
Even getting into a low-level account could provide a launch pad for a much more serious attack that could potentially result in root access for an attacker.
SSH has issued an advisory and a patch to bring the software up to a secure version 3.0.1. "SSH strongly advises all users of Secure Shell 3.0.0 to upgrade immediately to Secure Shell 3.0.1," said the company.
Along with more information, the patch is available here.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Sneak peek at the forthcoming glass-based machine
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
Software Design Architect (Windows Database Application...
Lead Java Developer - Fast growing, young and international...
Job Specification Graduate Support Engineer...
Job Specification For: Software Developer...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?