OpenSSH vuln: BSD only?

To: <debian-isp@lists.debian.org>, <debian-security@lists.debian.org>
Subject: OpenSSH vuln: BSD only?
From: "Wim Fournier" <wim@kern.nl>
Date: Thu, 27 Jun 2002 10:38:44 +0200 (CEST)
Message-id: <[🔎] 51807.217.198.203.200.1025167124.squirrel@webmail.kern.nl>
Reply-to: wim@kern.nl
In-reply-to: <[🔎] 1025115618.4335.11.camel@killer>
References: <[🔎] 1025115618.4335.11.camel@killer>

http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584

I just read this over at iss, it seems that the vuln only exists for
default installations of BSD and only for S-KEY and BSD authentication.

So need to upgrade at all.. its just a way to get everyone over to 3.x i
guess...


With kind regards,

Wim Fournier




-- 
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- OpenSSH 3.4 released... should FIX problems
  - From: Mark Janssen <maniac@maniac.nl>

Prev by Date: Re: throttle pop3 access
Next by Date: Fw: OpenSSH Security Advisory (adv.iss)
Previous by thread: OpenSSH 3.4 released... should FIX problems
Next by thread: centralize passwords
Index(es):
- Date
- Thread