Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

From: Seth Arnold (sarnoldat_private)
Date: Tue Jul 24 2001 - 12:06:42 PDT

Next message: stanislav shalunov: "Re: FIN_WAIT_1 DoS (netkill): Why the vulnerability still exists?"

Previous message: JW Oh: "revised version of .ida exploit"
In reply to: Sports: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Marcin Zurakowski: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Jul 23, 2001 at 03:17:26PM -0400, Sports wrote:
> What about 2.9?

> >A quick glance at the source code suggests that SSH 2.3.0 and 
> >2.4.0 have the same problem.  Is this true?

You've fallen pray to the 'product problem'. 2.9 is OpenSSH. 2.3.0,
2.4.0, and 3.0 are ssh.com. This problem is in the ssh.com version, but
not in OpenSSH.

Next message: stanislav shalunov: "Re: FIN_WAIT_1 DoS (netkill): Why the vulnerability still exists?"
Previous message: JW Oh: "revised version of .ida exploit"
In reply to: Sports: "RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Next in thread: Marcin Zurakowski: "Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Jul 24 2001 - 12:26:24 PDT