Yeah, but they list pretty much every version of F-secure ssh being
vulnerable also.  I wish there was more information.

> -----Original Message-----
> From: James Spinti [mailto:jspinti at dart.dartdist.com] 
> Sent: Friday, November 30, 2001 8:00 AM
> To: tclug-list at mn-linux.org
> Subject: RE: [TCLUG] [Security Discuss] new sshd exploit ? (fwd)
> 
> 
> Seems it is just a rerun of an old exploit:
> 
> http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=100698565325242&w=2
> 
> Thanks,
> 
> James Spinti
> jspinti at dartdist.com
> 952-368-3278 x396
> fax 952-368-3255 
> 
> |-----Original Message-----
> |From: tclug-list-admin at mn-linux.org 
> |[mailto:tclug-list-admin at mn-linux.org]On Behalf Of Joshua b. Jore
> |Sent: Thursday, November 29, 2001 10:32 PM
> |To: tclug-list at mn-linux.org
> |Subject: [TCLUG] [Security Discuss] new sshd exploit ? (fwd)
> |
> |
> |-----BEGIN PGP SIGNED MESSAGE-----
> |Hash: SHA1
> |
> |(forwarded from misc at openbsd.org. The affected people ran Redhat)
> |
> |FYI...  heads' up from the SSH mail list
> |
> |> > A colleague sent me a very vague e-mail, telling me that I
> |should 'disable
> |> > SSHD now' because of a 'private exploit being circulated since
> |Saturday'.
> |> >
> |> > Anyone know anything about this?
> |>
> |> The following URL should give you some more information: 
> |> 
> http://marc.theaimsgroup.com/?l=openssh-unix-> dev&m=100696253318793&w=
> |> 2
> |
> |Given the other issue of Kerberos pre-v3, an update to the latest 
> |OpenSSH 3.0+ seems warrented.
> |    
> http://www.oreillynet.com/lpt/a/linux/2001/11/26/insecurities.
html
|-----BEGIN PGP SIGNATURE-----
|Version: GnuPG v1.0.6 (OpenBSD)
|Comment: For info see http://www.gnupg.org
|
|iD8DBQE8Bu95fexLsowstzcRAn9UAJwPqCgv7n5zBAF7K4EbUGfgml2cLQCfdICG
|bS4kDoKGWmvGLrp+PXs2kiA=
|=Z8jF
|-----END PGP SIGNATURE-----
|
|_______________________________________________
|Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul,
|Minnesota
|http://www.mn-linux.org
|tclug-list at mn-linux.org
|https://mailman.mn-linux.org/mailman/listinfo/tclug-list
|
_______________________________________________
Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.mn-linux.org/mailman/listinfo/tclug-list