On Mon, 13 Jul 2009, ahlist wrote:
> I realize the recent ssh exploit rumors appear to be false.
>
> However I've not saw any comments on hostgator's "patch"
>
> http://67.18.54.2/~davec/ssh_exploit_fix.txt
The CBC cipher protocol weakness reported by CPNI is not an 0day attack
against sshd, so this configuration change (it is not really a patch)
will not offer any real protection against 0day attacks (real or
fictitious).
We are not aware of any other vulnerabilities relating to CBC mode
ciphers. Cipher vulnerabilities usually lead to information disclosure
rather than remote code execution anyway.
> They continue to talk as if they have inside information.
I haven't been in contact with anyone identifying themselves as being
associated with Hostgator, and I don't have any inside information to
give anyway.
-d