Re: OpenSSH advisory

From: Chris Ess (azarin@tokimi.net)
Date: 06/26/02

• Previous message: Michal Zalewski: "RE: OpenSSH Vulns (new?) Priv seperation"
• In reply to: Jan Gruber: "OpenSSH advisory"
• Next in thread: Daniel Harrison: "Re: OpenSSH advisory"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 26 Jun 2002 13:14:50 -0400 (EDT)
From: Chris Ess <azarin@tokimi.net>
To: Jan Gruber <Jan.Gruber@pollux.primacom.net>

> I stumbled across a debian advisory about OpenSSH.
>
> http://www.debian.org/security/2002/dsa-134
>
> I cant find anything more detailed about this issue, does anyone have
> further information ?

A copy of ISS's advisory is here:
http://online.securityfocus.com/archive/1/278818/2002-06-23/2002-06-29/0

Also, OpenSSH 3.4p1 is out which contains a fix to the bug but I've only
seen it on ftp.openbsd.org

Hope this helps.

Chris Ess
System Administrator / CDTT (Certified Duct Tape Technician)

---

• Previous message: Michal Zalewski: "RE: OpenSSH Vulns (new?) Priv seperation"
• In reply to: Jan Gruber: "OpenSSH advisory"
• Next in thread: Daniel Harrison: "Re: OpenSSH advisory"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages OpenSSH advisory ... I stumbled across a debian advisory about OpenSSH. ... I cant find anything more detailed about this issue, ... TIA, ... (Vuln-Dev) Authentication failed suddenly ... Then I recompiled openssh 3.4p1, make install again. ... I tried creating a new user, still it cant be authenticated. ... Anyone know how to fix this authentication problem? ... (comp.security.ssh)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > securityfocus  > vuln-dev  > 2002-06