25 Jun
2002
25 Jun
'02
21:43
On Tue, 2002-06-25 at 15:14, Ryan Swenson wrote:
Hello,
Not to sound biased; we have plenty of SuSE and Redhat. Is Redhat also affected by this or is there any other documentation to account for this SSH issue other than the account from SuSE; in particuliar any advisories?
Here is a link to the original email by Theo de Raadt to bugtraq: http://lwn.net/Articles/3322/
SA told me they use the Redhat OpenSSH 3.1 patched version which is not vulnerable to this and does not have priv seperation or chroot support.
Don't know about Redhat, but since the details have not been released by the Openssh team, I am unsure how they can claim that. Charles -- Avoid the Gates of Hell. Use Linux (Unknown source)