OpenSSH vulnerability fix ?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
hello list,

Recently a vulnerability has been found in versions up
to and including 3.6.1 of the OpenSSH daemon.
For further information see:

OpenSSH made the following statement about this issue:

Enable 'VerifyReverseMapping' on the sshd server.
In our estimation, this vulnerability does not pose an imminent
threat; however, it permits a greater-than-expected level of access to
a security control in your infrastructure.

According to the Changelog of OpenSSH 3.6.1p2 this
vulnerability is still not fixed.

Yesterday IBM announced that this vulnerability has been fixed
in version 3.6.1p2 for AIX.
For further information about this announcement see:

Can someone confirm if this vulnerability has been fixed
in 3.6.1p2 according to IBM, or has not been fixed according
to the changelog of OpenSSH 3.6.1p2 ?

Kind regards,


Re: OpenSSH vulnerability fix ?

Sorry little bit paranoid for spam, this is
a readable reply address ;)


NO_SPAM> wrote:
Quoted text here. Click to load it

Site Timeline