this message just appeared on bugtraq (no idea why)
regards,
felix huber
----- Original Message -----
From: "Bruce Campbell" <bruce@engmail.uwaterloo.ca>
To: <bugtraq@securityfocus.com>
Sent: Sunday, November 04, 2001 10:20 PM
Subject: vulnerability diagnosis in "nessus" incorrect...
>
> concerning remote root exploit vulnerability in ssh prior to 1.2.32...
>
> vulnerability diagnosis in "nessus" incorrect leading to possible false
> sense of security.
>
> As you know, ssh prior to 1.2.32 is vulnerable to remote
> root exploit. The diagnostic from security vulnerability
> detector tool www.nessus.org incorrectly identifies the
> risk as a command insertion vulnerability. The difference in
> risk is huge, and I believe the false diagnostic from nessus
> could give users a false sense of security.
>
>
> http://cgi.nessus.org/plugins/dump.php3?id=10607
>
> says...
>
> >You are running a version of SSH which is older than version 1.2.32, or a
> >version of OpenSSH which is older than 2.3.0.
> >
> >This version is vulnerable to a flaw which allows an attacker to insert
> >arbitrary commands in a ssh stream.
> >
> >Solution : Upgrade to version 1.2.32 of SSH which solves this problem, or
> >to version 2.3.0 of OpenSSH
> >
> >http://www.core-sdi.com/advisories/ssh1_deattack.htm
> >
> >Risk factor : High
>
>
>
> ------------------------------------------------------------------------
> Bruce Campbell
> Engineering Computing
> University of Waterloo
> http://www.eng.uwaterloo.ca/~bruce/
> 519-888-4567 ext. 5889
> PGP Key: http://www.eng.uwaterloo.ca/~bruce/public.txt
>
>
>
>
>
regards,
felix huber
----- Original Message -----
From: "Bruce Campbell" <bruce@engmail.uwaterloo.ca>
To: <bugtraq@securityfocus.com>
Sent: Sunday, November 04, 2001 10:20 PM
Subject: vulnerability diagnosis in "nessus" incorrect...
>
> concerning remote root exploit vulnerability in ssh prior to 1.2.32...
>
> vulnerability diagnosis in "nessus" incorrect leading to possible false
> sense of security.
>
> As you know, ssh prior to 1.2.32 is vulnerable to remote
> root exploit. The diagnostic from security vulnerability
> detector tool www.nessus.org incorrectly identifies the
> risk as a command insertion vulnerability. The difference in
> risk is huge, and I believe the false diagnostic from nessus
> could give users a false sense of security.
>
>
> http://cgi.nessus.org/plugins/dump.php3?id=10607
>
> says...
>
> >You are running a version of SSH which is older than version 1.2.32, or a
> >version of OpenSSH which is older than 2.3.0.
> >
> >This version is vulnerable to a flaw which allows an attacker to insert
> >arbitrary commands in a ssh stream.
> >
> >Solution : Upgrade to version 1.2.32 of SSH which solves this problem, or
> >to version 2.3.0 of OpenSSH
> >
> >http://www.core-sdi.com/advisories/ssh1_deattack.htm
> >
> >Risk factor : High
>
>
>
> ------------------------------------------------------------------------
> Bruce Campbell
> Engineering Computing
> University of Waterloo
> http://www.eng.uwaterloo.ca/~bruce/
> 519-888-4567 ext. 5889
> PGP Key: http://www.eng.uwaterloo.ca/~bruce/public.txt
>
>
>
>
>