Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

New OpenSSH vulnerability (and patched version) reported

From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Tue, 16 Sep 2003 11:11:45 -0400
ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-3.7p1.tar.gz

No announcement yet on the OpenSSH website (nor any of the other
usually places -- except for the Full Discolosure list:

http://lists.netsys.com/pipermail/full-disclosure/2003-September/010116.html
http://lists.netsys.com/pipermail/full-disclosure/2003-September/010148.html .

- Morrow

On UniSOG Laurie Zirkle wrote:
> ----- Forwarded message from "Johannes B. Ullrich" <jullrich () sans org> -----
> Just a quick note that a new version of OpenSSH was released this
> morning to address a bug that may be exploitable. No public exploit code
> so far, but plenty of rumors about this issue being used to compromise
> some systems.

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/cg/.
Previous By Date Next
Previous By Thread Next

Current thread: