7 Mar
2002
7 Mar
'02
14:49
Hi Sven,
Application : OpenSSH Version(s) : All versions between 2.0 and 3.0.2
Does that mean openssh-3.0.2p1 is vulnerable ? Is the situation different, if password authentication is not allowed from sshd ?
i think thats what it mean .. the authentication is irrelevant cause the user must authenticate first .. but if he is authenticated, he's able to 'root' the box (if i understand this announcement right)
and its only one line to be changed... Anyway, I am going rebuild it for all ix-plattforms :-( -- Kind regards, Thorsten Liebig