Date: Wed, 28 Nov 2001 21:52:12 -0800 (PST) From: "f.johan.beisser" <jan@caustic.org> To: Brett Glass <brett@lariat.org> Cc: Mauro Dias <localhost@dsgx.org>, <security@FreeBSD.ORG> Subject: Re: sshd exploit Message-ID: <20011128214925.P16958-100000@localhost> In-Reply-To: <4.3.2.7.2.20011128221259.04665720@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 28 Nov 2001, Brett Glass wrote: > If so, you can probably patch the hole temporarily by disabling > version 1 of the protocol. You can then upgrade to eliminate the hole. > 3.0.1p1 is said to be immune. It's what I've run ever since I first heard > about the vulnerability. the former isn't really a good option since most people use ssh1 clients, and wouldn't have access to their machines. how long have you known of it? frankly, this is the first i've heard about it, let alone the exploit binary. -------/ f. johan beisser /--------------------------------------+ http://caustic.org/~jan jan@caustic.org "John Ashcroft is really just the reanimated corpse of J. Edgar Hoover." -- Tim Triche To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011128214925.P16958-100000>