[16255] in Athena Bugs
sun4 8.2.9: ssh
daemon@ATHENA.MIT.EDU (Aaron M Bornstein)
Fri Aug 28 19:23:32 1998
To: bugs@MIT.EDU
Date: Fri, 28 Aug 1998 19:23:29 EDT
From: Aaron M Bornstein <aaronmb@MIT.EDU>
System name: w20-575-56.mit.edu
Type and version: SPARC/4 8.2.9
Display type: tcx
What were you trying to do?
Use SSH in a secure manner :-)
What's wrong:
The installed copy of SSH here is version 1.2.23. This has
a *published* security vulnerability which can allow attackers to hijack
connections of SSH users. Upgrade to version 1.2.26 or 2.0.8, perhaps both
(using ssh2 as the name of the v2 binary. Reading docs on
ftp.cs.hut.fi/pub/ssh should clear up any questions regarding the difference
between the two)
What should have happened:
...
Please describe any relevant documentation references:
ftp.cs.hut.fi/pub/ssh
