[12040] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]

daemon@ATHENA.MIT.EDU (Sean-Paul Rees)
Tue Sep 28 16:40:35 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.NEB.4.05.9909271540360.890-100000@kechara.flame.org>
Date:         Mon, 27 Sep 1999 15:43:41 -0700
Reply-To: Sean-Paul Rees <sean@FLAME.ORG>
From: Sean-Paul Rees <sean@FLAME.ORG>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <99Sep27.113548edt.96305-2339@jane.cs.toronto.edu>

On Mon, 27 Sep 1999, Dan Astoorian wrote:

> A trivial demo program that demonstrates the problem is attached.  (It
> needs no special privileges; run it as an unprivileged user in any
> writable directory.)  The program reports "okay" under Solaris 2.5.1 and
> IRIX 6.5.2, "vulnerable" under RedHat 6.

According to this program,

FreeBSD 3.3-STABLE/i386: Vulnerable
NetBSD 1.4.1/i386: Vulnerable
Debian GNU/Linux 2.2 (kernel 2.2.12)/i386: Vulnerable
Solaris 2.6/sparc: Okay

Cheers,
Sean


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[12040] in bugtraq

Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]

daemon@ATHENA.MIT.EDU (Sean-Paul Rees)Tue Sep 28 16:40:35 1999

daemon@ATHENA.MIT.EDU (Sean-Paul Rees)
Tue Sep 28 16:40:35 1999