[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-security] Significant OpenSSH Vulnerability ??

Subject: RE: [cobalt-security] Significant OpenSSH Vulnerability ??
From: "Tony" <isplists@xxxxxxxxxxxx>
Date: Tue, 25 Jun 2002 23:00:36 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

+You're absolutely correct, without PrivSep enabled SSH is far less secure.
+However, when I was working on OpenSSH-3.3p1 two days ago it wasn't known
+that "Compression no" would fix the PrivSep problem on 2.2
+kernels. Thanks to
+Jelmers input I could then go ahead and enable it.
+
+--
+
+Mit freundlichen Grüßen / With best regards
+
+Michael Stauber
+mstauber@xxxxxxxxxxxxxx
+Unix/Linux Support Engineer

Michael,

I tried to install your 3.3p1-1 pkg on a Raq3 and a Raq4.
Both came back with a "That package is not installed" error.
Both machines had pkgmaster 3.1p1-1 ssh.

Tony

Follow-Ups:
- Re: [cobalt-security] Significant OpenSSH Vulnerability ??
  - From: Michael Stauber

References:
- Re: [cobalt-security] Significant OpenSSH Vulnerability ??
  - From: Michael Stauber

Prev by Date: Re: [cobalt-security] Seems that SUN woke up :-)
Next by Date: Re: [cobalt-security] Significant OpenSSH Vulnerability ??
Previous by thread: Re: [cobalt-security] Significant OpenSSH Vulnerability ??
Next by thread: Re: [cobalt-security] Significant OpenSSH Vulnerability ??

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index