The new version of Nessus (in testing) is complaining about this too. I think, from looking at the bug reports etc., that in potato the offending versions of ssh and openssh have been patched so that, although your version number indicates that you have a problem, the truth is that you're safe. All of this is, of course, dependent on you being up to date with security.debian.org updates.
Can someone confirm this please... Thanks, Liam On 22 Feb 2002 at 9:11, Walter Tautz wrote: > the following reports: > > http://www.cert.org/incident_notes/IN-2001-12.html > http://www.cert.org/advisories/CA-2001-35.html > > which apparently refers to ssh1 crc-32 compensation attack detector > and some other problems? > > Judging from the page there openssh is fixed only in version 2.3.0 > and later? Or has the one in potato been patched so that none of > these vulnerabilities. > > -walter > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > -- Liam Ward DV4 t: +353 1 672 7250 e: [EMAIL PROTECTED] w: www.dv4.com
