Mailinglist Archive: opensuse-security (499 mails)

< Previous Next >
Re: [suse-security] OpenSSH 3.0.2p1
  • From: "thilo mohri" <c0re@xxxxxxxxxxx>
  • Date: Thu, 20 Jun 2002 13:25:44 +0000
  • Message-id: <F78b6OAA5V7HFoJ8S8700006f29@xxxxxxxxxxx>
btw dude can you send me more informations about this hole? never heard about it and wanna know more. thx

regards, c0re

From: James Ogley <james.ogley@xxxxxxxxxxxxxx>
To: Security List <suse-security@xxxxxxxx>
Subject: [suse-security] OpenSSH 3.0.2p1
Date: 20 Jun 2002 09:34:38 +0100


I'm running SuSE 8.0, with OpenSSH 3.0.2p1-108.

This morning, I did a Nessus scan on one of my boxen at home, which
reported that this version is vulnerable to the off-by-one hole.

I checked the Security Announcement about this (SuSE-SA:2002:009), but
this predates 8.0, and refers to fixed versions of 2.9.9.

Is the package of 3.0.2p2 in 8.0 patched to fix this hole as well, thus
rendering that aspect of my Nessus report a red herring? If not, is
there an update in the works?


James Ogley, Unix Systems Administrator, Pinnacle Insurance Plc
james.ogley@xxxxxxxxxxxxxx +44 (0) 20 8731 3619
Using Free Software since 1994, running GNU/Linux (SuSE 8.0)
Updated GNOME RPMs for SuSE Linux:

CONFIDENTIALITY.This e-mail and any attachments are
confidential and may also be privileged. If you are not the
named recipient, please notify the sender immediately and
do not disclose the contents to another person, use it for any
purpose, or store or copy the information in any medium. Any
views expressed in this message are those of the individual
sender, except where the sender specifically states them to
be the views of Pinnacle Insurance plc.

If you have received this email in error please immediately
notify the Pinnacle Helpdesk on +44 (0) 20 8207 9555.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here

Werden Sie Mitglied bei MSN Hotmail, dem größten E-Mail-Service der Welt.

< Previous Next >
This Thread
Follow Ups