similar to: [Bug 737] CERT® Advisory CA-2003-26 - any effect on OpenSSH?

Hi All As many may have noticed the GNU Project's FTP server had been compromised as outlined in this CERT advisory[1]. I felt the urge to quickly hack together a small perl script to check my distfiles against the published md5 sums from FSF. Using this file as reference: ftp://ftp.gnu.org/before-2003-08-01.md5sums.asc (Check and Verify the PGP signature ![1]) [1] Full CERT advisory :

I''ve got qualcomm''s qpopper2.2, and am not sure if its vulnerable. The advisory mentions pop and imap servers, but only says: version of IMAP (Section B). If your POP server is based on the University of Washington IMAP server code, you should also upgrade to the latest version of IMAP. Until you can take one of these actions, I installed the new imapd about 3

I figured that someone reading this list might want to take a look at the proceeding, considering that the version of Snort in FreeBSD ports -is- affected. -----Forwarded Message----- > From: CERT Advisory <cert-advisory@cert.org> > To: cert-advisory@cert.org > Subject: CERT Advisory CA-2003-13 Multiple Vulnerabilities in Snort Preprocessors > Date: 17 Apr 2003 11:30:47 -0400

Will there be a BIND patch available for this vulnerability, for CentOS 3.9? http://www.kb.cert.org/vuls/id/800113

The following advisory was issued by CERT yesterday. Because it affects FreeBSD systems as well, we are forwarding it to the appropriate FreeBSD mailing lists. We would like to thanks CERT for cooperation with the FreeBSD security officer on this subject. -----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-98-13-tcp-denial-of-service Original Issue Date: December 21, 1998 Last Revised

For those who are unaware... [mod: This whole bind affair has gone a bit out of hand. Elias from Bugtraq found "public" info indicating the problem. ISC/CERT were working on releasing the bugfix together with the fix. Now everybody is scurrying to get fixes out now that "the public" knows about this. As far as I know, Red Hat (& Caldera) made a new RPM, based on the most

-------- Is this old? I couldn''t find it in the linux-security archives. If so, please disregard. Dan ------- Forwarded Message Return-Path: cppm_reg_sysadmins-owner@fnal.gov Received: from FNAL.FNAL.Gov (fnal.fnal.gov [131.225.9.8]) by sapphire.fnal.gov (8.8.7/8.8.7) with ESMTP id LAA27322 for <yocum@sapphire.fnal.gov>; Tue, 13 Oct 1998 11:12:23 -0500 Received: from raven

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:11 Security Advisory FreeBSD, Inc. Topic: ucd-snmp/net-snmp remotely exploitable vulnerabilities Category: ports Module: net-snmp Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:20.bind Security Advisory The FreeBSD Project Topic: Denial of Service in named(8) Category: contrib Module: bind Announced: 2006-09-06

>Date: Tue, 11 Aug 1998 13:21:06 -0400 >From: CERT Advisory <cert-advisory@cert.org> >To: cert-advisory@coal.cert.org >Subject: CERT Advisory CA-98.10 - mime_buffer_overflows >Reply-To: cert-advisory-request@cert.org >Organization: CERT(sm) Coordination Center - +1 412-268-7090 > >-----BEGIN PGP SIGNED MESSAGE----- >

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= CERT(sm) Advisory CA-96.21 Original issue date: September 19, 1996 Last revised: -- Topic: TCP SYN Flooding and IP Spoofing Attacks - ----------------------------------------------------------------------------- *** This advisory supersedes CA-95:01. *** Two

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-06:20.bind Security Advisory The FreeBSD Project Topic: Denial of Service in named(8) Category: contrib Module: bind Announced: 2006-09-06

Hi, We are using your product openssh 2.3.0p1 and we should upgrade to openssh 3.7.1p1 mainly for better SSH2 support but also for the bug reported on <http://www.kb.cert.org/vuls/id/333628> Is this problem located on the server side or on the client side, or both? Regards, Carin Andersson Software Developer Ericsson AB

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:12.bind9 Security Advisory The FreeBSD Project Topic: BIND 9 DNSSEC remote denial of service vulnerability Category: core Module: bind9

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:12.bind9 Security Advisory The FreeBSD Project Topic: BIND 9 DNSSEC remote denial of service vulnerability Category: core Module: bind9

I have a few questions: 1) Is OpenSSH 2.9p2 (or any other version of OpenSSH) vulnerable to the same problem as SSH3.0.0? (described here: http://www.kb.cert.org/vuls/id/737451 ) 2) There is a "SECURID" patch in the contrib section since 2.5.2p2. I am using it, but applying this patch to each new version is growing more difficult as time goes on. Would you consider merging this

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project Topic: TCP connection stall denial of service Category: core Module: inet Announced:

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:15.tcp Security Advisory The FreeBSD Project Topic: TCP connection stall denial of service Category: core Module: inet Announced:

On 15.06.2015 21:31, Christian Weisgerber wrote: > On 2015-06-15, Gerhard Wiesinger <lists at wiesinger.com> wrote: > >> I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is >> CBC therefore considered as broken and unsecure (in general or SSH >> implementation)? > CBC modes in SSH use the last encrypted block of the previous packet > as the IV

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:19.bind Security Advisory The FreeBSD Project Topic: bind8 negative cache poison attack Category: contrib Module: contrib_bind Announced: