Linux Today: Linux News On Internet Time.

More on LinuxToday

Madeinlinux Advisory: openssh

Jun 28, 2002, 14:16 (0 Talkback[s])

Openssh versions between 2.9.9 and 3.3 contain a bug in the ChallengeResponseAuthentication code. This bug can be exploited remotely if ChallengeResponseAuthentication is enabled in sshd_config.

New openssh packages are available for Madeinlinux.

New Madeinlinux packages have been released for openssh-3.4p1. openssh-3.4p1 fixes an openssh bug that can be remotely exploitable (cfr.

The new packages can be found at these URLs:

Packages for Madeinlinux 4.0SE (glibc 2.1):*

Packages for Madeinlinux 5.0 (glibc 2.2)*3.4p1*