RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

From: Emre Yildirim (emreat_private)
Date: Mon Jul 23 2001 - 17:11:33 PDT

Next message: Phil Stracchino: "Re: permission probs with Arkeia"

Previous message: Daniel Wittenberg: "Re: permission probs with Arkeia"
In reply to: Stephanie Thomas: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Stephanie Thomas: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Antonomasia: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: Stephanie Thomas: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> SSH Secure Shell 3.0.0 does not ship with any
> of the operating systems mentioned, nor does the
> announcement specify that it does. However, if a
> user has explicitly installed SSH Secure Shell 3.0.0
> on any of the listed operating systems, they are
> vulnerable to this potential exploit.
>

I don't want to drag this boring thread any longer, but in
your advisory, it stated that OpenBSD and NetBSD were
not vulnerable.  So...if I install SSH 3.0.0 on one of those
(even though the already come with openssh), ssh will not
be vulnerable to this bug?  Or will it?  I think that part
created a little confusion.


Cheers

Next message: Phil Stracchino: "Re: permission probs with Arkeia"
Previous message: Daniel Wittenberg: "Re: permission probs with Arkeia"
In reply to: Stephanie Thomas: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Stephanie Thomas: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Antonomasia: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Reply: Stephanie Thomas: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 12:01:11 PDT