[21785] in bugtraq
Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
daemon@ATHENA.MIT.EDU (Roman Drahtmueller)
Mon Jul 23 13:22:00 2001
Date: Mon, 23 Jul 2001 18:03:10 +0200 (MEST)
From: Roman Drahtmueller <draht@suse.de>
To: Stephanie Thomas <customer.service@ssh.com>, <bugtraq@securityfocus.com>,
<security@suse.de>
In-Reply-To: <FNEKKFMHLBAMAHPEHBLMCEAGCAAA.customer.service@ssh.com>
Message-ID: <Pine.LNX.4.33.0107231751510.15489-100000@dent.suse.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
> From: Stephanie Thomas <customer.service@ssh.com>
> To: bugtraq@securityfocus.com
> Date: Fri, 20 Jul 2001 17:34:02 -0700
> Subject: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
[...]
> PLATFORMS IMPACTED:
>
> Red Hat Linux 6.1 thru 7.1
> Solaris 2.6 thru 2.8
> HP-UX 10.20
> HP-UX 11.00
> Caldera Linux 2.4
> Suse Linux 6.4 thru 7.0
Numerous requests force an additional statement.
The ssh versions 3.* are not shipped with SuSE Linux, all versions of the
distribution.
Thanks to Frank Denis for pointing this out on bugtraq.
Since most of the mentioned systems are older than ssh-3.*, it seems
logical that these systems can't be affected by default. It should have
been mentioned that the platforms mentioned above are vulnerable if the
said version of ssh has been installed on them.
I wish for more precision in future security announcements from ssh.com.
Roman Drahtmüller,
SuSE Security.
--
- -
| Roman Drahtmüller <draht@suse.de> // "Caution: Cape does |
SuSE GmbH - Security Phone: // not enable user to fly."
| Nürnberg, Germany +49-911-740530 // (Batman Costume warning label) |
- -
