[21760] in bugtraq
Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
daemon@ATHENA.MIT.EDU (Michal Zalewski)
Sat Jul 21 13:16:02 2001
Date: Sat, 21 Jul 2001 11:16:58 -0400 (EDT)
From: Michal Zalewski <lcamtuf@gis.net>
To: Stephanie Thomas <customer.service@ssh.com>
Cc: bugtraq@securityfocus.com
In-Reply-To: <FNEKKFMHLBAMAHPEHBLMCEAGCAAA.customer.service@ssh.com>
Message-ID: <Pine.LNX.4.21.0107211106280.785-100000@nimue.bos.bindview.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Fri, 20 Jul 2001, Stephanie Thomas wrote:
> PLATFORMS IMPACTED: Red Hat Linux 6.1 thru 7.1
RedHat Linux 7.0 ships OpenSSH 2.2.1 (7.0). RedHat Linux 7.1 ships OpenSSH
2.5.2. Previous versions shipped SSH 1.2.xx, which, if I understood, are
not vulnerable. You are vulnerable only if you have installed SSH.com SSH
3.0.0 by hand, but then, it is not RedHat fault.
--
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
