See: http://www.securityfocus.com/advisories/3088
This is a vulnerability on SSH1 and has been patched long ago. If you use SSH 2.x, you should be fine. Ben Ricker System Administrator Wellinx.com On Thu, 2001-10-25 at 14:31, Scott Thomason wrote: > Is there any add'l info on the compromise discussed at the following link? Does it >apply to 2.9.9p2 of openssh? If I use the from="" option of >$HOME/.ssh/authorized_keys2 and restrict connections to addresses I trust, will that >be effective, or does the exploit occur before that check is made? > > http://www.newsalert.com/bin/story?StoryId=Co85tWc4bmdaWmZC > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
