Date: Wed, 26 Jun 2002 17:07:55 +0100 From: Kevin Golding <kevin@caomhin.demon.co.uk> To: "H. Wade Minter" <minter@lunenburg.org> Cc: freebsd-security@freebsd.org Subject: Re: Much ado about nothing. Message-ID: <RyQAvlBbbeG9Ew98@caomhin.demon.co.uk> In-Reply-To: <20020626113517.N3133-100000@bunning.skiltech.com> References: <20020626072326.A4270@mail.seattleFenix.net> <20020626113517.N3133-100000@bunning.skiltech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Someone, quite probably H. Wade Minter, once wrote: >On Wed, 26 Jun 2002, Benjamin Krueger wrote: > >> >> http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=20584 > > >Lemme see if I have this right. > >We were all whipped into a "Must Upgrade NOW!!!!" frenzy over this OpenSSH >hole. It was so severe that it had to be kept in utmost secrecy, and the >S.O.P. seemed to be "If you can't or won't upgrade, then turn off SSH,"... > >...and the solution is to disable S/KEY??? That's it? Not even that :-) Jacques has confirmed that the 2.9 which most people are (were?) running wasn't even vulnerable anyway. Kevin -- kevin@caomhin.demon.co.uk To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?RyQAvlBbbeG9Ew98>