Bugtraq mailing list archives

OPENSSH-SORCERER2003-09-17

From: Michael Walton <mwalton () abilene com>
Date: Wed, 17 Sep 2003 04:19:09 -0500

 
                    Sorcerer Update Advisory
                      Tap Into the Source
 
 
________________________________________________________________________
 
Source Name:            openssh-3.7p1
Advisory ID:            SORCERER2003-09-17
Date:                   September 17th, 2003
________________________________________________________________________
 
Problem Description:
        Versions of ssh before 3.7 are affected by a buffer management
        bug.  A problem in the openssh buffer.c file was found that
        may or may not be exploitable.  The sources have been  updated
        to protect the innocent.
 
Update:
        Sources have been updated to the latest version.
________________________________________________________________________
 
Updated Sources: openssh-3.7p1
 
 
________________________________________________________________________
 
Recomendation:
                augur synch  && augur newer && augur update
 
                                or
 
                augur easy
 
 
 
------------------------------------------------------------------------
 
Contacts:
 
Email:          sorcerer-security () linuxmountain org
Mail List:     
https://lists.berlios.de/mailman/listinfo/sorcerer-spells
Web:            http://sorcerer.wox.org

-- 
Michael Walton, CCNA
Network Analyst
Leapfrog Technologies LLC
Bitstreet Internet
Cova Systems

mwalton () abilene com

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

OPENSSH-SORCERER2003-09-17 Michael Walton (Sep 17)
- openssh 3.7.1 patched or not? Tom Brown (Sep 17)
  - Re: openssh 3.7.1 patched or not? Alex Lambert (Sep 17)
  - Re: openssh 3.7.1 patched or not? Thomas Lotterer (Sep 18)