Versions vs vulnerabilities

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Is there a place to look up a particular version of openssh against
known vulnerabilities?

My version 3.5p1-6 isn't the latest, but if there are no significant
holes, I'd just as soon stay here.


Re: Versions vs vulnerabilities

Gary Armstrong  <> wrote:
Quoted text here. Click to load it

Ask your vendor (the "-6" indicates that they have made a number of

Vanilla OpenSSH < 3.7.1 has a buffer handling problem:
Your vendor may have applied a patch to address this.

In addition, Portable versions 3.7p1 and 3.7.1p1 have a problem with

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Site Timeline