|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: new openssh issue
On Tue, 16 Sep 2003 15:33:03 EDT, Richard A Steenbergen said: > > patched, but does anybody know whether there's a problem with the > > criscos? (as in "how do I configure my router for that?" ;-) > > Or better yet, the OpenSSH running on Junipers? Nothing on Juniper's site > about a vulnerability so far. A posting to full-disclosure quotes Theo as saying HP and Cisco are affected, and I don't see any reason that Juniper would *NOT* be, given the common code base of the OpenSSH implementations. I'm not going to say the routers are vulnerable, but I *would* say that ACLs blocking port 22 to the router might be a good idea..... Attachment:
pgp00020.pgp
|