Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: SSH1 vulnerability ?
From: Markus Friedl <Markus.Friedl () INFORMATIK UNI-ERLANGEN DE>
Date: Sun, 11 Feb 2001 13:15:09 +0100
Tatu Ylonen wrote:


It's real enough for most vendors to respond. I think you want
to make sure your servers have at least 1.2.30/2.4.0 or
openssh 2.3.0p1 at this point.


well, 1.2.30 does not contain a fix for this problem.


No, but the current version is ssh-2.4.0, which does not suffer from this
problem at all.


Well, you have to be very careful.

This is only true if ssh-2.4.0 has fallback to ssh1 disabled
and since the posting says "1.2.30/2.4.0" it implies that ssh1 support
is enabled.

So I'd like to point out again that:

        1) ssh-2.4.0 is vulnerable iff fallback to ssh1 is enabled
           (unless if falls back to openssh-2.3.0p1, but I assume that
           this is very unlikely).

        2) openssh-2.3.0p1 is _not_ vulnerable at all.

Note that it's not unlikely that ssh-2.x installations have ssh1 fallback
_enabled_  (> 50% in the network I did check).

-m

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]