Re: lug-bg: openssh vulnerability
- Subject: Re: lug-bg: openssh vulnerability
- From: gf@xxxxxxxxxxx (Georgi Chorbadzhiyski)
- Date: Wed, 26 Jun 2002 23:15:50 +0300
Boyan Krosnov wrote:
>
> -----Original Message-----
> From: Ian A Finlay [mailto:iaf@xxxxxxxxxxxxxx]
> Sent: Wednesday, June 26, 2002 9:02 PM
> To: nanog@xxxxxxxxx
> Subject: SSHD
>
>
>
> Not sure if folks have seen this. If not, better go read it.
>
> http://www.openssh.com/txt/preauth.adv
> http://www.openssh.com/txt/iss.adv
Slackware not vulnerable (Score:3, Insightful)
by volkerdi on 06:47 PM -- Wednesday June 26 2002 (#3770251)
(User #9854 Info)
Slackware is not affected by this security problem. You need BSD_AUTH, S/KEY, or PAM
to have a potential problem (PAM is still not verified), and we've never compiled in
any of those options, nor are they options in a default build. So, you could just
keep using a version with working compression, just don't include those options.
More simple is usually more secure.
...Hmm dokolokoto cheta nasam-natam i RedHat 7.3 po default ne e vulnerable,
kakto i predpolozhih v predishnoto si msg. Ne che shte trygna da si otvariam
firewallnatite predi 3 dni portove no wse pak e dobre chovek da chue niakoia
dobra novina :)
--
Georgi Chorbadzhiyski
http://georgi.top.bg/
============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================
|