[62203] in North American Network Operators' Group
Re: new openssh issue
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Tue Sep 16 17:32:45 2003
Date: Tue, 16 Sep 2003 15:50:04 -0400
From: Valdis.Kletnieks@vt.edu
To: "Richard A Steenbergen" <ras@e-gerbil.net>
Cc: "William Allen Simpson" <wsimpson@greendragon.com>,
nanog@nanog.org
Errors-To: owner-nanog-outgoing@merit.edu
This is a multi-part message in MIME format.
------_=_NextPart_001_01C37C99.AF561280
Content-Type: text/plain;
charset=us-ascii
Content-Transfer-Encoding: 7bit
On Tue, 16 Sep 2003 15:33:03 EDT, Richard A Steenbergen said:
> > patched, but does anybody know whether there's a problem with the
> > criscos? (as in "how do I configure my router for that?" ;-)
>
> Or better yet, the OpenSSH running on Junipers? Nothing on Juniper's
site
> about a vulnerability so far.
A posting to full-disclosure quotes Theo as saying HP and Cisco are
affected,
and I don't see any reason that Juniper would *NOT* be, given the common
code
base of the OpenSSH implementations. I'm not going to say the routers
are
vulnerable, but I *would* say that ACLs blocking port 22 to the router
might
be a good idea.....
------_=_NextPart_001_01C37C99.AF561280
Content-Type: text/html;
charset=us-ascii
Content-Transfer-Encoding: quoted-printable
<HTML>
<HEAD>
<META http-equiv=3D"Content-Type" content=3D"text/html; =
charset=3DUTF-16">
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3DUTF-16">
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Dus-ascii">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.0.6396.0">
<TITLE>Re: new openssh issue</TITLE>
</HEAD><BODY ><DIV>
<!-- Converted from text/plain format -->
<P><FONT SIZE=3D2>On Tue, 16 Sep 2003 15:33:03 EDT, Richard A =
Steenbergen said:</FONT>
</P>
<P><FONT SIZE=3D2>> > patched, but does anybody know whether =
there's a problem with the </FONT>
<BR><FONT SIZE=3D2>> > criscos? (as in "how do I =
configure my router for that?" ;-)</FONT>
<BR><FONT SIZE=3D2>> </FONT>
<BR><FONT SIZE=3D2>> Or better yet, the OpenSSH running on Junipers? =
Nothing on Juniper's site </FONT>
<BR><FONT SIZE=3D2>> about a vulnerability so far.</FONT>
</P>
<P><FONT SIZE=3D2>A posting to full-disclosure quotes Theo as saying HP =
and Cisco are affected,</FONT>
<BR><FONT SIZE=3D2>and I don't see any reason that Juniper would *NOT* =
be, given the common code</FONT>
<BR><FONT SIZE=3D2>base of the OpenSSH implementations. I'm not =
going to say the routers are</FONT>
<BR><FONT SIZE=3D2>vulnerable, but I *would* say that ACLs blocking port =
22 to the router might</FONT>
<BR><FONT SIZE=3D2>be a good idea.....</FONT>
</P>
</DIV>
<P> </P></BODY></HTML>
------_=_NextPart_001_01C37C99.AF561280--
