OpenSSH (version < 3.4p1) && linux

From: chris (chris@secure-packets.com)
Date: 07/14/02


From: chris <chris@secure-packets.com>
To: pen-test@securityfocus.com
Date: 14 Jul 2002 09:49:51 -0500

It seems there is much debate on whether linux based hosts are
vulnerable to the recent remote root exploit for OpenSSH. I have seen
advisories for FreeBSD/NetBSD/OpenBSD but the two systems that I have
most encountered in my tests are Linux and Solaris, though I can't find
a proof of concept exploit for these systems. Any information would be
greatly appreciated.

Thanx,
::chris

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/