-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Rilindo Foster wrote:
>Yes. Upgrade immediately. Could you please provide support for that? According to these details from the developers: http://www.openssh.com/security.html this was a dead issue as of 2.3.0. Please correct me if I ve missed something. OP, in any case, regardless of version, if you don't allow ssh protocol 1 connections (which you shouldn't, unless you're providing a public service and have no choice), you are not vulnerable. - -d >-------begin signature--------- >Rilindo Foster >http://monzell.com >AIM: rilindo >---------end signature--------- > >-----Original Message----- >From: [EMAIL PROTECTED] >[mailto:[EMAIL PROTECTED]]On Behalf Of JW >Sent: Tuesday, January 15, 2002 4:38 PM >To: [EMAIL PROTECTED] >Subject: OpenSSH security > > >Does anyone know if openssh-2.5.2p2-1 is vulnerable the "crc32 compensation >attack" that's going around? > >Thanks. > >---------------------------------------------------- >Jonathan Wilson >System Administrator > >Cedar Creek Software http://www.cedarcreeksoftware.com >Central Texas IT http://www.centraltexasit.com > > > >_______________________________________________ >Redhat-list mailing list >[EMAIL PROTECTED] >https://listman.redhat.com/mailman/listinfo/redhat-list > > > >_______________________________________________ >Redhat-list mailing list >[EMAIL PROTECTED] >https://listman.redhat.com/mailman/listinfo/redhat-list > - -- David Talkington PGP key: http://www.prairienet.org/~dtalk/0xCA4C11AD.pgp - -- http://setiathome.ssl.berkeley.edu/pale_blue_dot.html -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 Comment: Made with pgp4pine 1.75-6 iQA/AwUBPFYh5b9BpdPKTBGtEQJhygCgoIy31Ah9AVMvgVEDtgbR8nwiw8oAn3o+ EVKc48UZuwq5Ie2FFm+RTOjF =aXEf -----END PGP SIGNATURE----- _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
