Date: Thu, 15 Jun 1995 09:23:24 +0800 From: ywliu@beta.wsl.sinica.edu.tw To: security@freebsd.org Subject: FreeBSD vulnerability in S/Key Message-ID: <199506150128.SAA14137@freefall.cdrom.com>
next in thread | raw e-mail | index | archive | help
Hi, I read the following on comp.security.announce >CERT Vendor-Initiated Bulletin VB-95:04 >June 14, 1995 > >Topic: Logdaemon/FreeBSD vulnerability in S/Key >Source: Wietse Venema (wietse@wzv.win.tue.nl) > >A vulnerability exists in my own S/Key software enhancements. Since >these enhancements are in wide-spread use, a public announcement is >appropriate. The vulnerability affects the following products: > > FreeBSD version 1.1.5.1 > FreeBSD version 2.0 > logdaemon versions before 4.9 I am not familiar with S/Key, so my question is : I am using MD5 rather than DES, is this relevent ? Am I supposed to patch my system ? Also, is this fixed in 2.0.5 ? -- Yen-Wei Liu Internet e-mail address:ywliu@beta.wsl.sinica.edu.tw ywliu@gate.sinica.edu.tw FAX: +886-2-783-6444
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199506150128.SAA14137>