[linux-sec-uk] OpenSSH buffer management error

James Davis linux-sec-uk at mailman.lug.org.uk
Tue Sep 16 20:12:00 2003


Am sure you've already heard of today's announcement of the flaw in
OpenSSH detailed at http://www.openssh.com/txt/buffer.adv but I felt this
affects enough people to justify a posting to this list. Exploits are in
the wild already so upgrade to OpenSSH 3.7 (see your vendor or
openssh.com) or apply the patch provided at OpenSSH.com

Regards,

James