SUMMARY: SunSSH in Solaris 9 vulnerable?

From: David Carlin (djc6@scl.cwru.edu)
Date: Wed Jul 03 2002 - 15:45:46 EDT

• Next message: Allen Belk: "Jumpstart without DNS"
• Previous message: Caparroso, Nelson T. (AAS): "OT: Tru64/DEC Unix - how to gather tape device stats"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello,

I got a lot of responses from people with conflicting information on
whether or not SunSSH is vulnerable to the latest vulnerabilities in
OpenSSH. It turns out that SunSSH is not vulnerable in the default
configuration and Sun is releasing patches soon. A statement from Sun was
added to the CERT advisory today:

http://www.cert.org/advisories/CA-2002-18.html

A Sun employee also described the problem on bugtraq a couple days ago:

http://online.securityfocus.com/archive/1/279680

                -David
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Allen Belk: "Jumpstart without DNS"
• Previous message: Caparroso, Nelson T. (AAS): "OT: Tru64/DEC Unix - how to gather tape device stats"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:24:33 EDT