246
'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems (www.computing.co.uk)
submitted 2 weeks ago by Blaze to c/[email protected]
39 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] [email protected] 38 points 2 weeks ago

If I'm not mistaken, it seems like this is a timing attack and you need a lot of attack attempts to make it work. If you have like a fail2ban rule for ssh it should mitigate this attack to quite some degree, right? (Of course updating would still be the best).

[-] [email protected] 12 points 2 weeks ago

While statistically unlikely, it would be possible to exploit the vulnerability on the first attempt

[-] [email protected] 4 points 2 weeks ago

That's true.

this post was submitted on 01 Jul 2024
246 points (98.8% liked)

Linux

4446 readers
118 users here now

A community for everything relating to the linux operating system

Also check out [email protected]

Original icon base courtesy of [email protected] and The GIMP

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]