Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


More on LinuxToday


Madeinlinux Advisory: openssh

Jun 28, 2002, 14:16 (0 Talkback[s])

Openssh versions between 2.9.9 and 3.3 contain a bug in the ChallengeResponseAuthentication code. This bug can be exploited remotely if ChallengeResponseAuthentication is enabled in sshd_config.

New openssh packages are available for Madeinlinux.

New Madeinlinux packages have been released for openssh-3.4p1. openssh-3.4p1 fixes an openssh bug that can be remotely exploitable (cfr. http://www.openssh.com/txt/preauth.adv)

The new packages can be found at these URLs:

Packages for Madeinlinux 4.0SE (glibc 2.1):
ftp.madeinlinux.com/distro/4.0SE/updates/madeinlinux/RPMS/openssh*

Packages for Madeinlinux 5.0 (glibc 2.2)
ftp.madeinlinux.com/devel/RPMS/openssh*3.4p1*