From owner-freebsd-security Fri Mar 16 2:26:17 2001 Delivered-To: freebsd-security@freebsd.org Received: from mine.kame.net (kame195.kame.net [203.178.141.195]) by hub.freebsd.org (Postfix) with ESMTP id 9D2BF37B719 for ; Fri, 16 Mar 2001 02:26:14 -0800 (PST) (envelope-from sakane@ydc.co.jp) Received: from localhost ([3ffe:501:481d:1000:260:1dff:fe21:f766]) by mine.kame.net (8.11.1/3.7W) with ESMTP id f2GAR6Y76773; Fri, 16 Mar 2001 19:27:07 +0900 (JST) To: kris@obsecurity.org Cc: freebsd-security@FreeBSD.ORG Subject: Re: What's vunerable? In-Reply-To: Your message of "Fri, 16 Mar 2001 01:40:04 -0800" <20010316014004.A86953@mollari.cthul.hu> References: <20010316014004.A86953@mollari.cthul.hu> X-Mailer: Cue version 0.6 (010224-1625/sakane) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Message-Id: <20010316192556Q.sakane@ydc.co.jp> Date: Fri, 16 Mar 2001 19:25:56 +0900 From: Shoichi Sakane X-Dispatcher: imput version 20000228(IM140) Lines: 8 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org > > What I really need to know is what vulnerabilities exist on each box - > > so that I can present the boss with a risk assessment, and make him > > decide if the box stays as is, or gets a make world. > Read the advisories. why don't the maintener of the ports of openssh make upgrade its version ? current version of the ports is openssh 2.2.0 which has some vulnerability. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message