Do you have a question? Post it now! No Registration Necessary. Now with pictures!
July 18, 2003, 11:14 am
rate this thread
Recently a vulnerability has been found in versions up
to and including 3.6.1 of the OpenSSH daemon.
For further information see:
OpenSSH made the following statement about this issue:
Enable 'VerifyReverseMapping' on the sshd server.
In our estimation, this vulnerability does not pose an imminent
threat; however, it permits a greater-than-expected level of access to
a security control in your infrastructure.
According to the Changelog of OpenSSH 3.6.1p2 this
vulnerability is still not fixed.
Yesterday IBM announced that this vulnerability has been fixed
in version 3.6.1p2 for AIX.
For further information about this announcement see:
Can someone confirm if this vulnerability has been fixed
in 3.6.1p2 according to IBM, or has not been fixed according
to the changelog of OpenSSH 3.6.1p2 ?
- » Solaris 8 Password Aging not working with pre-complied OpenSSH from Sunfreeware.com
- — Next thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum