Date: Fri, 19 Jun 1998 12:00:58 -0700 (PDT)
From: samboy@mr.samiam.org
To: linux-security@redhat.com
Subject: [linux-security] SSH security hole found
>>From http://lwn.net/#security
A vulnerability present in the SSH software package can allow an
attacker to execute arbitrary commands on the SSH server. To protect
against this, immediately upgrade to ssh 1.2.25. Red Hat ssh-1.2.25 RPMs
are available, as is the Debian ssh-1.1.25 package for hamm (Debian
2.0-to-be).
There are SSH 1.2.25 RPMs here:
ftp://ftp.fi.muni.cz/pub/ssh/local-fi.muni.cz/linux/
The Debian ssh-1.2.25 package is available at:
ftp://ftp.lh.umu.se/pub/linux/debian-non-US/unstable/binary-i386/
(plagarized directly from the web page in question)
- Sam
"That which does not destroy me, makes me stronger" -- Nietzsche
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
