nanog mailing list archives
RE: new openssh issue
From: "Buhrmaster, Gary" <gtb () SLAC Stanford EDU>
Date: Wed, 17 Sep 2003 11:23:40 -0700
According to Cisco at: http://www.cisco.com/warp/public/707/cisco-sa-20030917-openssh.shtml. this impacts CatOS, their storage router line, their HSE line, and their WLSE lines, and is not an IOS issue. Details on the web page. No fixed versions of software are available yet. Gary
-----Original Message----- From: Avleen Vig [mailto:lists-nanog () silverwraith com] Sent: Wednesday, September 17, 2003 10:27 AM To: Valdis.Kletnieks () vt edu Cc: Richard A Steenbergen; William Allen Simpson; nanog () nanog org Subject: Re: new openssh issue On Tue, Sep 16, 2003 at 03:50:04PM -0400, Valdis.Kletnieks () vt edu wrote:A posting to full-disclosure quotes Theo as saying HP andCisco are affected,and I don't see any reason that Juniper would *NOT* be,given the common codebase of the OpenSSH implementations. I'm not going to saythe routers arevulnerable, but I *would* say that ACLs blocking port 22 tothe router mightbe a good idea.....Isn't this a common practice anyway? Has been anywhere sensible I've seen :-)
Current thread:
- new openssh issue Len Rose (Sep 16)
- Re: new openssh issue William Allen Simpson (Sep 16)
- Re: new openssh issue Richard A Steenbergen (Sep 16)
- Re: new openssh issue Valdis . Kletnieks (Sep 16)
- Re: new openssh issue Avleen Vig (Sep 17)
- Now a Sendmail issue as well (was Re: new openssh issue) Mike Tancsa (Sep 17)
- Re: new openssh issue up (Sep 17)
- Re: new openssh issue Richard A Steenbergen (Sep 16)
- Re: new openssh issue William Allen Simpson (Sep 16)
- <Possible follow-ups>
- RE: new openssh issue Ingevaldson, Dan (ISS Atlanta) (Sep 16)
- RE: new openssh issue Ingevaldson, Dan (ISS Atlanta) (Sep 16)
- RE: new openssh issue Buhrmaster, Gary (Sep 17)