[21784] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

daemon@ATHENA.MIT.EDU (Brian Carpio)
Mon Jul 23 13:17:16 2001

Date: Mon, 23 Jul 2001 10:31:06 -0600 (MDT)
From: Brian Carpio <carb02@csgsystems.com>
To: Marcin Zurakowski <marcin@interfirma.pl>
Cc: bugtraq@securityfocus.com
In-Reply-To: <Pine.LNX.4.33.0107211105260.24318-100000@inter1.interfirma.pl>
Message-ID: <Pine.GSO.4.10.10107231030340.15120-100000@sylvester.co.csgsystems.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII


OpenSSH is not vulnerable at all weather or not you use PAM.. this is SSH
the commercial Version. 

If you didn't pay for it then you are OK!! 

--------------
Brian Carpio
CSG Systems Inc.
Open Systems Unix System Admin

x3317
--------------

--- Security is a Process NOT a Product ----

On Sat, 21 Jul 2001, Marcin Zurakowski wrote:

> On Fri, 20 Jul 2001, Stephanie Thomas wrote:
> 
> > an empty password.  This affects SSH Secure Shell 3.0.0
> 
> I guess openssh with pam support is not vulnerable??
> 
> -- 
> 
> Marcin Zurakowski
> 
> InterFirma Administrator
> 
> 
>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[21784] in bugtraq

Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

daemon@ATHENA.MIT.EDU (Brian Carpio)Mon Jul 23 13:17:16 2001

daemon@ATHENA.MIT.EDU (Brian Carpio)
Mon Jul 23 13:17:16 2001