Date: Sat, 11 Nov 2000 18:18:23 -0600 (CST) From: Mike Silbersack <silby@silby.com> To: Kris Kennaway <kris@FreeBSD.ORG> Cc: John F Cuzzola <vdrifter@ocis.ocis.net>, freebsd-security@FreeBSD.ORG Subject: Re: SSH Message-ID: <Pine.BSF.4.21.0011111816520.53920-100000@achilles.silby.com> In-Reply-To: <20001111160742.A52887@citusc17.usc.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 11 Nov 2000, Kris Kennaway wrote: > On Sat, Nov 11, 2000 at 05:45:55PM -0600, Mike Silbersack wrote: > > > > Er, old 1.2.27 with old rsaref is root-exploitable. > > Wasn't that 1.2.26? Anyway, I meant the FreeBSD port, which is fixed. > > Kris 1.2.27 and before was affected. Both the ssh port and rsaref port were patched in short order, I recall. However, we have no clue what age the 1.2.27 binary in question is. So, while new installs aren't vulnerable, the original poster's system may be at risk. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0011111816520.53920-100000>