Firewall Wizards mailing list archives

Re: SSH nonstandard port / redirection.

From: lk-m-wizards () bigears solsoft com (Lorens Kockum)
Date: 18 Nov 1999 09:02:33 -0000

On firewall-wizards bet () mordor net wrote:


I don't expect I'll be using ssh2 until lsh comes of age.


You want a look at 

% Mailing-List: firewalls-alert
% From: xforce () iss net (X-Force)                  
% Subject: ISSalert: ISS Security Alert Summary: v4 n9
% Date: Wed, 17 Nov 1999 20:42:20 -0500 (EST)   
[...]
% Date Reported:        1999-11-12  
% Vulnerability:        ssh-rsaref-bo 
% Platforms Affected:   SSH v1 Daemons                              
% Risk Factor:          High                                                    
% Attack Type:          Network based                                           
%
% Secure Shell (SSH) version 1 daemons contain apotentially exploitable
% buffer overflow when built with the RSAREF library. This could possibly
% allow remote attackers to compromise root access on affected systems.
%
% Reference:
% BugTraq Mailing List: "ssh-1.2.27 remote buffer overflow - exploitable
% (VD#7)" at:
% http://www.securityfocus.com/templates/archive.pike?list=1&msg=382DB21B.CB92D7A0 () thievco com

Wanna bugfix fast :-(

Current thread:

SSH nonstandard port / redirection. KT Morgan (Nov 17)
- Re: SSH nonstandard port / redirection. Bennett Todd (Nov 17)
  - Re: SSH nonstandard port / redirection. Lorens Kockum (Nov 18)
    - Re: SSH nonstandard port / redirection. Dug Song (Nov 21)
- Re: SSH nonstandard port / redirection. Aaron D. Turner (Nov 17)