Linux

6950 readers

617 users here now

A community for everything relating to the GNU/Linux operating system

Also check out:

Original icon base courtesy of [email protected] and The GIMP

founded 2 years ago

MODERATORS

[email protected]

245

'Critical' vulnerability in OpenSSH uncovered, affects almost all Linux systems (www.computing.co.uk)

submitted 9 months ago by [email protected] to c/[email protected]

39 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 37 points 9 months ago (1 children)

If I'm not mistaken, it seems like this is a timing attack and you need a lot of attack attempts to make it work. If you have like a fail2ban rule for ssh it should mitigate this attack to quite some degree, right? (Of course updating would still be the best).

[–] [email protected] 12 points 9 months ago (1 children)

While statistically unlikely, it would be possible to exploit the vulnerability on the first attempt

[–] [email protected] 4 points 9 months ago

That's true.