Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 24 May 2004 16:45:58 -0400
From:      "JJB" <Barbish3@adelphia.net>
To:        "Thomas May" <thomas.may@x9media.com>, <freebsd-questions@FreeBSD.org>
Subject:   RE: freebsd 5.2.1 openssh hole
Message-ID:  <MIEPLLIBMLEEABPDBIEGMEGDFPAA.Barbish3@adelphia.net>
In-Reply-To: <20040524192344.E6DFE43D2D@mx1.FreeBSD.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Send email to FBSD OpenSSH port maintainer and tell then the port is
out of date.

-----Original Message-----
From: owner-freebsd-questions@freebsd.org
[mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Thomas May
Sent: Monday, May 24, 2004 3:23 PM
To: freebsd-questions@FreeBSD.org
Subject: freebsd 5.2.1 openssh hole

Hi,



i have installed the new version 5.2.1 and the ports collection from
yesterday. i have checked the server

with nessus and I got a security hole warning.



You are running a version of OpenSSH which is older than 3.7.1



Versions older than 3.7.1 are vulnerable to a flaw in the buffer
management

functions which might allow an attacker to execute arbitrary
commands on
this

host.



What can I do ? I have installed openssl from the ports tree, but I
got the
same error.








---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.689 / Virus Database: 450 - Release Date: 21.05.2004

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe@freebsd.org"



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?MIEPLLIBMLEEABPDBIEGMEGDFPAA.Barbish3>