freebsd 5.2.1 openssh hole
JJB
Barbish3 at adelphia.net
Mon May 24 13:46:00 PDT 2004
Send email to FBSD OpenSSH port maintainer and tell then the port is
out of date.
-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Thomas May
Sent: Monday, May 24, 2004 3:23 PM
To: freebsd-questions at FreeBSD.org
Subject: freebsd 5.2.1 openssh hole
Hi,
i have installed the new version 5.2.1 and the ports collection from
yesterday. i have checked the server
with nessus and I got a security hole warning.
You are running a version of OpenSSH which is older than 3.7.1
Versions older than 3.7.1 are vulnerable to a flaw in the buffer
management
functions which might allow an attacker to execute arbitrary
commands on
this
host.
What can I do ? I have installed openssl from the ports tree, but I
got the
same error.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.689 / Virus Database: 450 - Release Date: 21.05.2004
_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list