Same thing in AIX 4.2.1.0 and HP-UX 10.20/11.00, previously configured as
Trusted System.
Cordial Greetings,
CVC
# -----Original Message-----
# From: Stephanie Thomas [mailto:[EMAIL PROTECTED]]
# Sent: Wednesday, July 25, 2001 11:18 AM
# To: Emre Yildirim; [EMAIL PROTECTED]
# Subject: RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
#
#
# Hi Emre,
#
# We have tested OpenBSD and NetBSD, and have found
# that they do not experience this vulnerability,
# even with ssh 3.0.0 installed.
#
# This is most likely due to the method used to encrypt the
# password in /etc/passwd or /etc/shadow.
#
# Best Regards,
#
# Steph
#
# -----Original Message-----
# From: Emre Yildirim [mailto:[EMAIL PROTECTED]]
# Sent: Monday, July 23, 2001 5:12 PM
# To: [EMAIL PROTECTED]
# Cc: [EMAIL PROTECTED]
# Subject: RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
#
#
#
# > SSH Secure Shell 3.0.0 does not ship with any
# > of the operating systems mentioned, nor does the
# > announcement specify that it does. However, if a
# > user has explicitly installed SSH Secure Shell 3.0.0
# > on any of the listed operating systems, they are
# > vulnerable to this potential exploit.
# >
#
# I don't want to drag this boring thread any longer, but in
# your advisory, it stated that OpenBSD and NetBSD were
# not vulnerable. So...if I install SSH 3.0.0 on one of those
# (even though the already come with openssh), ssh will not
# be vulnerable to this bug? Or will it? I think that part
# created a little confusion.
#
#
# Cheers
#
#
#