thr3ads.net - openssh unix dev - Patch for Authentication By-Pass Vulnerability in OpenSSH-2.3.1 [Feb 2001]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Alok Aggarwal

2001-Feb-15 23:52 UTC

Patch for Authentication By-Pass Vulnerability in OpenSSH-2.3.1

Does someone have the diffs for this development snapshot?

In protocol 2, authentication could be bypassed if public key authentication 
was permitted. This problem does exist only in OpenSSH 2.3.1. OpenSSH 2.3.0 and
versions newer than 2.3.1 are not vulnerable to this problem.

openssh unix dev - Feb 2001 - Patch for Authentication By-Pass Vulnerability in OpenSSH-2.3.1

Patch for Authentication By-Pass Vulnerability in OpenSSH-2.3.1