pentru cei care nu sunt abonati la bugtraq ( deocamdata era pentru freebsd, dar ... )
---- SSH clients and servers communicate by exchanging discrete messages with a variable number of parameters. Due to the lack of sufficient integrity checks in a portion of the server code responsible for handling incoming SSH2_MSG_USERAUTH_INFO_RESPONSE messages, it was possible for a malicious client to send a message that would cause the server to overwrite portions of its memory with client-provided data. ---- <URL:http://www.openssh.com/txt/preauth.adv> <URL:http://www.iss.net/security_center/static/9169.php> Alex ps: iar bube in openssh ? --- Pentru dezabonare, trimiteti mail la [EMAIL PROTECTED] cu subiectul 'unsubscribe rlug'. REGULI, arhive si alte informatii: http://www.lug.ro/mlist/
