[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

SSH upgrade

This is part of a message I got from securityspace.com:

 Title: SSH1 CRC-32 compensation attack
 ID: 10607
 Category: Gain a shell remotely
 URL: http://www.securityspace.com/smysecure/catid.html?id=10607
 Summary: Checks for the remote SSH version
   You are running a version of SSH which is 
   older than version 1.2.32,
   or a version of OpenSSH which is older than
   This version is vulnerable to a flaw which
   allows an attacker to insert arbitrary commands
   in a ssh stream.
   Solution :
   Upgrade to version 1.2.32 of SSH which solves this problem,
   or to version 2.3.0 of OpenSSH
   More information:
   Risk factor : High

My question is where can I find debian packages of openssh 2.3.0., I
couln't find them with apt-get

Thanks in advance

Mark Lamers

Reply to: