Re: Much ado about nothing.
From: Ralph Huntington (rjh@mohawk.net)
Date: 06/26/02
- Next message: Konrad Heuer: "bsd libc dns resolving code vulnerable?"
- Previous message: Robert Watson: "Re: Much ado about nothing."
- In reply to: Benjamin Krueger: "Much ado about nothing."
- Next in thread: H. Wade Minter: "Re: Much ado about nothing."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 Jun 2002 10:54:53 -0400 (EDT) From: Ralph Huntington <rjh@mohawk.net> To: Benjamin Krueger <benjamin@seattleFenix.net>
From:
http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584
=====================================================================
Administrators can remove this vulnerability [in shhd] by disabling the
Challenge-Response authentication parameter within the OpenSSH daemon
configuration file.
To disable this parameter, locate the corresponding line [in the sshd
config file] and change it to the line below [or add the line presumably]:
ChallengeResponseAuthentication no
This workaround will permanently remove the vulnerability.
=====================================================================
Hoping someone can/will confirm the above...
-=r=-
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Konrad Heuer: "bsd libc dns resolving code vulnerable?"
- Previous message: Robert Watson: "Re: Much ado about nothing."
- In reply to: Benjamin Krueger: "Much ado about nothing."
- Next in thread: H. Wade Minter: "Re: Much ado about nothing."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
