In message <073f01c09136$ddc04240$2e58a8c0@ffornicario>, =?iso-8859-1?Q?Iv=E1n_
Arce?= writes:
> OpenSSH
>  The vulnerability is present in OpenSSH up to version 2.3.0,
>  although it is not possible to exploit it  due to limits imposed
>  on the number of simultaneous connections the server is allowed
>  to handle,
This is a confusing way to put it.  This attack is not feasible on
OpenSSH.  The connection limits takes care of it.  If you are running
OpenSSH 2.3.0, you are completely fine.


Reply via email to