Hello, The managers of a facility where we house some Debian servers recently ran a vunlerability scan against our up-to-date Sarge servers, and reported vulnerabilities in the version of OpenSSH we were running. I assume that these issues have been fixed or do not apply to Debian's OpenSSH, but I can't find any information to confirm this.
Can anybody confirm that these are not issues in Debian Sarge? CVE-2005-2798 OpenSSH GSSAPI Credential Disclosure CVE-2006-0225 OpenSSH Local SCP Shell Command Execution They also reported this, which I couldn't really find any information about: CVE-2004-0230 TCP Sequence Number Approximation Based Denial of Service Does anybody know if this is addressed in Sarge, or by the Linux kernel at all? Thanks! ---Scott. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]