Re: openssh version info bug or feature ?

To: Paul Hampson <Paul.Hampson@anu.edu.au>
Cc: Dominik.Thinay@unix-ag.org, debian-devel@lists.debian.org
Subject: Re: openssh version info bug or feature ?
From: Anthony DeRobertis <asd@suespammers.org>
Date: Wed, 6 Feb 2002 06:53:15 -0500
Message-id: <[🔎] 1A72B028-1AF8-11D6-9452-00039355CFA6@suespammers.org>
In-reply-to: <[🔎] 20020206081429.GA9953@keitarou.bubblesworth.net>


On Wednesday, February 6, 2002, at 03:14 AM, Paul Hampson wrote:

You could submit a bug report if you think it's wrong...
but it'd be a minor bug, I suspect. Unless you can build
a really good argument why having sshd give away the Debian-ness
of your system is a security hole.

Well, honestly, I think it's quite likely that security scannerswill not know of the debian versions and either:


	a) Always tag them as suspect (not fixing the original problem)
	b) Never tag them as suspect

For some reason, I fear the latter behavior.

Reply to:

Follow-Ups:
- Re: openssh version info bug or feature ?
  - From: Paul Hampson <Paul.Hampson@anu.edu.au>

References:
- Re: openssh version info bug or feature ?
  - From: Paul Hampson <Paul.Hampson@anu.edu.au>

Prev by Date: Re: Bug#132497: ITP: kernel-patch-debianlogo -- Display a Debian logo on a framebuffer device at boottime
Next by Date: Re: openssh version info bug or feature ?
Previous by thread: Re: openssh version info bug or feature ?
Next by thread: Re: openssh version info bug or feature ?
Index(es):
- Date
- Thread