Pedro Barreto wrote: > just to be sure everyone knows.
Hi Pedro! Long time.... > > Affected Versions: > > OpenSSH versions prior to 2.3.0 (if SSH Version 1 fallback is enabled) What version of OpenSSH is being used in LEAF projects? > > Description: > > The vulnerability exists in affected SSH versions when integer > > calculations are not handled correctly, resulting in a buffer overflow > > condition. Exploitation of this vulnerability at the time was > > considered extremely difficult, but not technically impossible. It's a good thing it is "extremely difficult." However, I think OpenSSH 2.3.0 is rather old; isn't OpenSSH up to 2.5.x now? _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
