Open source developers yesterday warned of a significant vulnerability in OpenSSH, a tool that ships with many Linux and Unix flavours. The details of the hole have not been made public because a patch is not yet available, but the secrecy of the developers has caused a schism in the open source community.. . .
Open source developers yesterday warned of a significant vulnerability in OpenSSH, a tool that ships with many Linux and Unix flavours. The details of the hole have not been made public because a patch is not yet available, but the secrecy of the developers has caused a schism in the open source community.

Yesterday, Theo de Raadt, lead developer for OpenSSH, a free tool that many administrators use as a secure alternative to Telnet and FTP, announced a significant remotely exploitable vulnerability.

Even version 3.3 of OpenSSH, released only days ago, is vulnerable.

But de Raadt has not announced the finer points of the vulnerability because a patch has to yet be made available.

He insisted that details would be released on Thursday to give distributors time to get updated versions of the tool together before hackers get their hands on exploit code.

The link for this article located at vnunet is no longer available.