Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

From: Michal Zalewski (lcamtufat_private)
Date: Sat Jul 21 2001 - 08:16:58 PDT

Next message: Dale Southard: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"

Previous message: Dan Kaminsky: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
In reply to: Stephanie Thomas: "URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: jat_private: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: jat_private: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: Trond Eivind Glomsrød: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 20 Jul 2001, Stephanie Thomas wrote:

> PLATFORMS IMPACTED: Red Hat Linux 6.1 thru 7.1

RedHat Linux 7.0 ships OpenSSH 2.2.1 (7.0). RedHat Linux 7.1 ships OpenSSH
2.5.2. Previous versions shipped SSH 1.2.xx, which, if I understood, are
not vulnerable. You are vulnerable only if you have installed SSH.com SSH
3.0.0 by hand, but then, it is not RedHat fault.

-- 
_____________________________________________________
Michal Zalewski [lcamtufat_private] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=

Next message: Dale Southard: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Previous message: Dan Kaminsky: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
In reply to: Stephanie Thomas: "URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: jat_private: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: jat_private: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: Trond Eivind Glomsrød: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Jul 21 2001 - 10:15:01 PDT