Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0

From: Brian Carpio (carb02@csgsystems.com)
Date: 07/23/01


Date: Mon, 23 Jul 2001 10:31:06 -0600 (MDT)
From: Brian Carpio <carb02@csgsystems.com>
To: Marcin Zurakowski <marcin@interfirma.pl>
Subject: Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
Message-ID: <Pine.GSO.4.10.10107231030340.15120-100000@sylvester.co.csgsystems.com>


OpenSSH is not vulnerable at all weather or not you use PAM.. this is SSH
the commercial Version.

If you didn't pay for it then you are OK!!

--------------
Brian Carpio
CSG Systems Inc.
Open Systems Unix System Admin

x3317
--------------

--- Security is a Process NOT a Product ----

On Sat, 21 Jul 2001, Marcin Zurakowski wrote:

> On Fri, 20 Jul 2001, Stephanie Thomas wrote:
>
> > an empty password. This affects SSH Secure Shell 3.0.0
>
> I guess openssh with pam support is not vulnerable??
>
> --
>
> Marcin Zurakowski
>
> InterFirma Administrator
>
>
>