The OpenSSH exploit: What it does; which Mac OS X systems are vulnerable

What the exploit purportedly does The newly announced OpenSSH vulnerability, fixed in version 3.7 of the software, is still (as far as we know) an untested, and therefore theoretical exploit.

According to reports, however, an exploitation of the flaw would flood the attacked computer with SSH attempts until it is able to establish a root user connection.

Which Mac OS X systems are vulnerable If you are a casual user, changes are the only way your Mac OS X system will be vulnerable to this bug.

Mac OS X 10.2.6 includes build 3.4p1 of OpenSSH, while developers indicate that Mac OS X 10.3 (Panther) includes OpenSSH 3.6.1p1 - both theoretically susceptible to this exploit.

Meanwhile, version 3.7.1 of OpenSSH has already been released. According to mindrot.org: "All versions of OpenSSH's sshd prior to 3.7.1 contain buffer management errors. It is uncertain whether these errors are potentially exploitable, however, we prefer to see bugs fixed proactively."

Yesterday's initial report on the exploit includes some extra suggestions for enhancing security

Feedback? Late-breakers@macfixit.com.

Resources