Re: 3.9p1 is affected by CAN-2003-0190 ?

From: Elikster (elik_at_webspires.com)
Date: 12/16/04

Next message: Friedrich Lindenberg: "OpenSSH 3.9p1 hangs after authentication"

Previous message: Marco.Correnti_at_esa.int: "3.9p1 is affected by CAN-2003-0190 ?"
In reply to: Marco.Correnti_at_esa.int: "3.9p1 is affected by CAN-2003-0190 ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 16 Dec 2004 11:13:09 -0600
To: secureshell@securityfocus.com

Hello Marco,

Seems so, but it only affects the SSH if it have PAM authentication enabled in the SSH Configuration. If you don't have PAM enabled within SSH, then it is not exploitable.

Thursday, December 16, 2004, 8:56:42 AM, you wrote:

> SecurityFocus has published a "new" vulnerability on 30 Nov 2004,
> http://www.securityfocus.com/bid/11781
> that seems to affect also the latest Portable OpenSSH version ,3.9p1.

> The CVE has assigned the CAN-2003-0190.

> Is it right ?

> Thanks

> Marco

-- 
Best regards,
 Elikster                            mailto:elik@webspires.com

Next message: Friedrich Lindenberg: "OpenSSH 3.9p1 hangs after authentication"

Previous message: Marco.Correnti_at_esa.int: "3.9p1 is affected by CAN-2003-0190 ?"
In reply to: Marco.Correnti_at_esa.int: "3.9p1 is affected by CAN-2003-0190 ?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]