[Cbsupport] Security threst SSH?

Maxwell & de Brouwer hortnfash at dodo.com.au
Thu Sep 18 13:12:02 UTC 2003

> http://www.computerworld.com/securitytopics/security/holes/story/0,10801,85053,00.html

Is this for real?
Is a patch really needed?
are there really Vulnerabilities with OpenSSH?

> The OpenBSD project yesterday issued a security alert 
> <http://www.openssh.com/txt/buffer.adv> for OpenSSH and a new version, 
> 3.7.1, and encouraged companies using affected versions of the suite 
> to upgrade to the latest version or apply a software patch.

> Many of the leading Unix and Linux operating systems ship with OpenSSH 
> and are vulnerable to attack. In addition, an unknown number of 
> hardware devices, including network routers and switches, use the 
> popular package and will need to be patched, according to Dan 
> Ingevaldson, engineering manager of the X-Force security group at 
> Internet Security Systems Inc. (ISS). 

Any opinions?
Avery :-\

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux.org.au/pipermail/cbsupport/attachments/20030918/c35fc2f1/attachment.htm 

More information about the cbsupport mailing list