From owner-freebsd-security  Mon Sep 14 23:10:02 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id XAA03760
          for freebsd-security-outgoing; Mon, 14 Sep 1998 23:10:02 -0700 (PDT)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from leaf.lumiere.net (leaf.lumiere.net [207.218.152.15])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id XAA03709
          for <freebsd-security@freebsd.org>; Mon, 14 Sep 1998 23:09:59 -0700 (PDT)
          (envelope-from j@leaf.lumiere.net)
Received: (from j@localhost)
	by leaf.lumiere.net (8.9.1/8.9.1) id XAA06950;
	Mon, 14 Sep 1998 23:09:49 -0700 (PDT)
Date: Mon, 14 Sep 1998 23:09:49 -0700 (PDT)
From: Jesse <j@lumiere.net>
To: freebsd-security@FreeBSD.ORG
Subject: sshd1 safety?
Message-ID: <Pine.BSF.4.02.9809142304580.6633-100000@leaf.lumiere.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


Hi,

I've recently been hearing about issues with the latest (and final)
version of ssh1 that theorectically might allow remote root (or lesser)
exploits. Is anyone aware of such issues? I did searches on various sites
such as rootshell, but didn't find any major exploits. 

I'm hoping this is a false rumor, since according to the new licensing in
the ssh2 releases, I can't run ssh2. (sigh, I much prefer the ssh1
license).

On a side note, anyone know of any good, secure alternatives to ssh?

Thanks!

---
Jesse <j@lumiere.net>
http://www.lumiere.net/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message