freebsd 5.2.1 openssh hole
Thomas May
thomas.may at x9media.com
Mon May 24 12:23:46 PDT 2004
Hi,
i have installed the new version 5.2.1 and the ports collection from
yesterday. i have checked the server
with nessus and I got a security hole warning.
You are running a version of OpenSSH which is older than 3.7.1
Versions older than 3.7.1 are vulnerable to a flaw in the buffer management
functions which might allow an attacker to execute arbitrary commands on
this
host.
What can I do ? I have installed openssl from the ports tree, but I got the
same error.
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.689 / Virus Database: 450 - Release Date: 21.05.2004
More information about the freebsd-questions
mailing list