Re: 3.9p1 is affected by CAN-2003-0190 ?
From: Elikster (elik_at_webspires.com)
Date: Thu, 16 Dec 2004 11:13:09 -0600 To: firstname.lastname@example.org
Seems so, but it only affects the SSH if it have PAM authentication enabled in the SSH Configuration. If you don't have PAM enabled within SSH, then it is not exploitable.
Thursday, December 16, 2004, 8:56:42 AM, you wrote:
> SecurityFocus has published a "new" vulnerability on 30 Nov 2004,
> that seems to affect also the latest Portable OpenSSH version ,3.9p1.
> The CVE has assigned the CAN-2003-0190.
> Is it right ?
-- Best regards, Elikster mailto:email@example.com