A flaw in SSH Secure Shell protocol has put the Unix community on guard after it emerged that the latest version of the software is vulnerable to attack.
SSH Secure Shell is commonly used in Unix and Linux machines as a method of secure user authentication and data transfer encryption, but version 3.0.0, released late last month, contains a flaw that could give an attacker a foot in the door.
The vulnerability allows a user to remotely log into an account that uses a two-character password, without needing a password at all. Although such instances are uncommon, they happen often enough to pose a threat to a high number of networks.
Even getting into a low-level account could provide a launch pad for a much more serious attack that could potentially result in root access for an attacker.
SSH has issued an advisory and a patch to bring the software up to a secure version 3.0.1. "SSH strongly advises all users of Secure Shell 3.0.0 to upgrade immediately to Secure Shell 3.0.1," said the company.
Along with more information, the patch is available here.
Cotton seedling freezes to death as Chang'e-4 shuts down for the Moon's 14-day lunar night
Fortnite easily out-earns PUBG, Assassin's Creed Odyssey and Red Dead Redemption 2 in 2018
Meteor showers as a service will be visible for about 100 kilometres in all directions
Saturn's rings only formed in the past 100 million years, suggests analysis of Cassini space probe data
New findings contradict conventional belief that Saturn's rings were formed along with the planet about 4.5 billion years ago