Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

From: Brian Carpio (carb02at_private)
Date: Mon Jul 23 2001 - 09:31:06 PDT

Next message: Roman Drahtmueller: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"

Previous message: Joop Stakenborg: "pileup 1.2"
In reply to: Marcin Zurakowski: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Stephanie Thomas: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Jaime BENJUMEA: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: Stephanie Thomas: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

OpenSSH is not vulnerable at all weather or not you use PAM.. this is SSH
the commercial Version. 

If you didn't pay for it then you are OK!! 

--------------
Brian Carpio
CSG Systems Inc.
Open Systems Unix System Admin

x3317
--------------

--- Security is a Process NOT a Product ----

On Sat, 21 Jul 2001, Marcin Zurakowski wrote:

> On Fri, 20 Jul 2001, Stephanie Thomas wrote:
> 
> > an empty password.  This affects SSH Secure Shell 3.0.0
> 
> I guess openssh with pam support is not vulnerable??
> 
> -- 
> 
> Marcin Zurakowski
> 
> InterFirma Administrator
> 
> 
>

Next message: Roman Drahtmueller: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Previous message: Joop Stakenborg: "pileup 1.2"
In reply to: Marcin Zurakowski: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Stephanie Thomas: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Jaime BENJUMEA: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: Stephanie Thomas: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 23 2001 - 10:16:12 PDT