Mailinglist Archive: opensuse-security (334 mails)

< Previous Next >
openssh exploit?
  • From: Frank Steiner <fst@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Tue, 16 Sep 2003 15:09:04 +0200
  • Message-id: <3F670B70.5B0FEF8C@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Hi,

is there already a statement if the SuSE openssh versions are vulnerable?
http://lists.netsys.com/pipermail/full-disclosure/2003-September/010103.html

I looked in the patched version for SuSE 7.3 and if I understand the fix at
http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7
then the 7.3 version seems to be vulnerable, too.

cu,
Frank

--
Dipl.-Inform. Frank Steiner Mail: fst@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Lehrstuhl f. Bioinformatik Mail: frank@xxxxxxxxxxxxxxxxx
LMU, Theresienstrasse 39 Phone: +49 89 2180-4049, Fax: -4054
80333 Muenchen, Germany http://www.informatik.uni-kiel.de/~fst/

< Previous Next >
Follow Ups