kevin at rainford.org.uk
Fri Feb 22 11:05:29 GMT 2002
There is no such thing as a non-vulnerable version of SSH1 If there was the problem
with fallback in SSH2 would not exist.
-- Kevin O'Connor
Ziptek Technologies Ltd.
On 22 Feb 2002 at 11:03, Sam Smith wrote:
> On Fri, 22 Feb 2002, Kevin O'Connor wrote:
> > Why would any one still be running SSH1. Implementations of SSH2 that
> > fallback on SSH1 for clients that cannot connect using SSH2 should be
> > removed from servers to prevent a known security hole.
> > http://www.cert.org/advisories/CA-2001-35.html
> Wouldn't it just be easier to upgrade the server to a non-vulnerable
> Incompetence: When you Earnestly Believe you can Compensate for a Lack of
> Skill by Doubling Your Efforts, there's no End to What you Can't Do.
More information about the Ukfreebsd