Send email to FBSD OpenSSH port maintainer and tell then the port is out of date.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Thomas May Sent: Monday, May 24, 2004 3:23 PM To: [EMAIL PROTECTED] Subject: freebsd 5.2.1 openssh hole Hi, i have installed the new version 5.2.1 and the ports collection from yesterday. i have checked the server with nessus and I got a security hole warning. You are running a version of OpenSSH which is older than 3.7.1 Versions older than 3.7.1 are vulnerable to a flaw in the buffer management functions which might allow an attacker to execute arbitrary commands on this host. What can I do ? I have installed openssl from the ports tree, but I got the same error. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.689 / Virus Database: 450 - Release Date: 21.05.2004 _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"