Reply to post: Re: Had it coming...

MongoDB ransom attacks soar, body count hits 27,000 in hours


Re: Had it coming...

Atleast if it's OpenSSH, you have to go way, way back to find a vulnerability that would actually allow remote access without any credentials. I think the most recent ones were the CRC32 deattack one (all servers with SSH1 enabled were vulnerable) and the integer overflow in PAM-related code (needed some non-standard but common config options). This was around 2001-2002 or so.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021