openSSH off-by-one patch (was RE: [TriLUG] SSH Probing...)
Mike Johnson
mike at enoch.org
Wed Mar 13 11:07:38 EST 2002
Lisa Lorenzin [lorenzin at 1000plus.com] wrote:
> if you have openSSH, might want to be aware of this one, too. note that
> this is different from the url jeff sent out - it's not been identified as
> remotely exploitable (yet), and it only affects openSSH, but all versions
> of openSSH prior to 3.1 are affected.
Don't forget the fun zlib bug:
http://www.cert.org/advisories/CA-2002-07.html
http://online.securityfocus.com/archive/1/261406
Mike
--
"Let the power of Ponch compel you! Let the power of Ponch compel you!"
-- Zorak on Space Ghost
GNUPG Key fingerprint = ACD2 2F2F C151 FB35 B3AF C821 89C4 DF9A 5DDD 95D1
GNUPG Key = http://www.enoch.org/mike/mike.pubkey.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20020313/40bda83a/attachment.pgp>
More information about the TriLUG
mailing list