[1910] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] SSH security hole found

daemon@ATHENA.MIT.EDU (samboy@mr.samiam.org)
Sat Jun 20 02:27:59 1998

Date: Fri, 19 Jun 1998 12:00:58 -0700 (PDT)
From: samboy@mr.samiam.org
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Resent-Reply-To: linux-security@redhat.com


>From http://lwn.net/#security

  A vulnerability present in the SSH software package can allow an
  attacker to execute arbitrary commands on the SSH server.  To protect
  against this, immediately upgrade to ssh 1.2.25. Red Hat ssh-1.2.25 RPMs
  are available, as is the Debian ssh-1.1.25 package for hamm (Debian
  2.0-to-be).

  There are SSH 1.2.25 RPMs here:
 
 	ftp://ftp.fi.muni.cz/pub/ssh/local-fi.muni.cz/linux/

  The Debian ssh-1.2.25 package is available at:

 	ftp://ftp.lh.umu.se/pub/linux/debian-non-US/unstable/binary-i386/

(plagarized directly from the web page in question)

- Sam

"That which does not destroy me, makes me stronger" -- Nietzsche

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post