From: David Carlin (djc6@scl.cwru.edu)
Date: Wed Jun 26 2002 - 16:16:52 EDT
Hey,
I was curious if SunSSH 1.0 included with Solaris 9 is vulnerable to the
remote root exploit for OpenSSH described here:
http://www.openssh.org/txt/preauth.adv
I know it is based on OpenSSH (look at the man page for ssh), but I can't
find out which version it is based upon. I tried the temporary fix of
"disable ChallengeResponseAuthentication in sshd_config" but sshd didn't
seem to think this was a valid option.
-David
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:31 EDT