Recently RedHat informed it`s Fedora and RHEL users about some successfull intrusions into their key servers responsible for providing update to end-users and also a key system used for signing Fedora packages . Read about these two cases here (fedora) and here (REHL) .
As you may have noticed, attackers backdoored and signed(!) OpenSSH package on RHEL server.
If you`ve configured your systems to automatically download and install offered updates , you can use the script provided here to check if you`ve installed backdoored OpenSSH server or not .
I`m afraid that this year we`ve seen too much check-blacklist.sh scripts ... !
Below is list of affected packages , based on SANS alert :
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.5.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.5.z)
Red Hat Enterprise Linux WS (v. 4)
As you may have noticed, attackers backdoored and signed(!) OpenSSH package on RHEL server.
If you`ve configured your systems to automatically download and install offered updates , you can use the script provided here to check if you`ve installed backdoored OpenSSH server or not .
I`m afraid that this year we`ve seen too much check-blacklist.sh scripts ... !
Below is list of affected packages , based on SANS alert :
Red Hat Desktop (v. 4)
Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.5.z)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.5.z)
Red Hat Enterprise Linux WS (v. 4)
No comments:
Post a Comment