OpenSSH Security Advisory (adv.iss)
Bob Van Cleef
vancleef at microunity.com
Thu Jun 27 09:48:05 EST 2002
On 27 Jun 2002, Damien Miller wrote:
> On Thu, 2002-06-27 at 03:44, Bob Van Cleef wrote:
> > Question: If ChallengeResponseAuthentication is set to 'no' in
> > sshd_config, can the bug be exploited in OpenSSH_3.1p1?
>
> No, but there are other fixes so you should upgrade anyway.
>
> -d
>
Thanks
Unfortunately my SunOS 4.1.4 build is having severe problems. Tons of
redefines and problems with _memmove. Most likely all related to the age
of the compiler ( 2.7.2 ).
I'll disable that stuff until I can get a working build. Sigh... one
day I will retire those beasts. /grin
Bob
More information about the openssh-unix-dev
mailing list