Friday, August 22, 2008

RedHat Linux Compromised

Last night Red Hat Inc. announced that their main distribution servers were compromised and this morning patches were released to fix apparently modified OpenSSH packages.

This is an incredibly interesting vector of attack, both releases of Red Hat Enterprise Linux v4, v5 and Fedora were modified with attackers essentially including their own key to the front door (ssh) into the operating system. If you have installed RHEL or Fedora from ftp or http sources recently you will certainly need to: "yum update"

https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html
https://rhn.redhat.com/errata/RHSA-2008-0855.html
http://www.redhat.com/security/data/openssh-blacklist.html

No comments: