SunSSH in Solaris 9 vulnerable?

From: David Carlin (djc6@scl.cwru.edu)
Date: Wed Jun 26 2002 - 16:16:52 EDT

• Next message: Mira: "Monitors supported by U10 ?"
• Previous message: Sam !: "redundant question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hey,

I was curious if SunSSH 1.0 included with Solaris 9 is vulnerable to the
remote root exploit for OpenSSH described here:

http://www.openssh.org/txt/preauth.adv

I know it is based on OpenSSH (look at the man page for ssh), but I can't
find out which version it is based upon. I tried the temporary fix of
"disable ChallengeResponseAuthentication in sshd_config" but sshd didn't
seem to think this was a valid option.

                -David
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Mira: "Monitors supported by U10 ?"
• Previous message: Sam !: "redundant question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:31 EDT