On Thu, Aug 02, 2001 at 11:00:48AM +0300, Atro Tossavainen wrote:
> David Knight French wrote:
>
> > I would highly recommend that you go to version 2.4 or 3.0 instead of
> > 1.2.31, which has a widely publicized security hole. OpenSSH up to
> > v2.3.0 also has this vulnerability,
>
> Please elaborate which vulnerability it is exactly that you mean. URLs
> to supporting documentation will be fine.
he's probably talking about
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
a remote root exploit has been posted to bugtraq, but as far as i
understand the SSH Communications Security website, ssh-1.x is no
longer supported as of May 2001.
-m
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
