This is an abolutely worhtless exploit. So they can tell if an account exists on the system. Big F. Deal. When you say remote exploit I expect something like root-shell access. Spammers might...... use to find email accounts, but I'm not going to hurry around patching machines. > On Tue, 16 Sep 2003, Guy Fraser wrote: > >> Does anyone know when OpenSSH 3.7 will be available. >> >> There is an exploit on all previous releases. >> >> http://securityfocus.com/bid/7467/info/ > > OpenSSH is already available on the OpenSSH mirrors. A backported fix is > already available from updates.redhat.com or up2date. > > -- > Matthew Saltzman > > Clemson University Math Sciences > mjs AT clemson DOT edu > http://www.math.clemson.edu/~mjs > > > -- > Shrike-list mailing list > Shrike-list@xxxxxxxxxx > https://www.redhat.com/mailman/listinfo/shrike-list > -- Shrike-list mailing list Shrike-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/shrike-list
