OpenSSH (version < 3.4p1) && linux

From: chris (chris@secure-packets.com)
Date: Sun Jul 14 2002 - 10:49:51 EDT

• Next message: Anders Thulin: "Re: Scanning for blank admin passwords on a windows box"
• Previous message: Jason binger: "Re: MS99-027 - New IIS problem?"
• Next in thread: Benninghoff, John: "RE: OpenSSH (version < 3.4p1) && linux"
• Maybe reply: Benninghoff, John: "RE: OpenSSH (version < 3.4p1) && linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

It seems there is much debate on whether linux based hosts are
vulnerable to the recent remote root exploit for OpenSSH. I have seen
advisories for FreeBSD/NetBSD/OpenBSD but the two systems that I have
most encountered in my tests are Linux and Solaris, though I can't find
a proof of concept exploit for these systems. Any information would be
greatly appreciated.

Thanx,
::chris

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

• Next message: Anders Thulin: "Re: Scanning for blank admin passwords on a windows box"
• Previous message: Jason binger: "Re: MS99-027 - New IIS problem?"
• Next in thread: Benninghoff, John: "RE: OpenSSH (version < 3.4p1) && linux"
• Maybe reply: Benninghoff, John: "RE: OpenSSH (version < 3.4p1) && linux"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:23 EDT