On Sun, 23 Dec 2001, Yotam Rubin wrote: > On Sun, Dec 23, 2001 at 09:42:48AM +0200, mulix wrote: > > On Sun, 23 Dec 2001, Shachar Shemesh wrote: > > > > > Actually, I'm going over BugTraq daily anyways. What system is Iglu > > > running anyway? RedHat? > > > > redhat 6.2. > > > > that would mean the initial update to bring it up to date will be rather > > massive, unless someone's been taking care of it in the meantime? > > Once crucially important update is ssh, whose version on iglu.org.il appears > to be vulnerable to the CRC compensation bug, which may grant arbitrary > access to attackers.
Indeed, the current ssh version seems to be too old and requires an immediate upgrade (telnet to port 22 of iglu) IIRC redhat have not issued upgrades of ssh for 6.2 . Note again that upgrading ssh while connecting through ssh is not entirely problematic, as your old connection keeps using the old copy of ssh. -- Tzafrir Cohen /"\ mailto:[EMAIL PROTECTED] \ / ASCII Ribbon Campaign Taub 229, 04-829-3942 X Against HTML Mail http://www.technion.ac.il/~tzafrir / \ ---------------------------------------------------------------------------- To unsubscribe, send a message to [EMAIL PROTECTED] Archives available at http://www.mail-archive.com/[email protected]/
