[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] new ssh exploit?

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] new ssh exploit?
From: Shanphen Dawa <list@xxxxxxxxxxxxx>
Date: Tue, 16 Sep 2003 16:41:28 -0500

Do you have a site, with maybe comparisons between the two? I am always looking 
for bigger and better things :-)

On Tue, 16 Sep 2003 13:39:27 -0400
Bennett Todd <bet@xxxxxxxxx> wrote:

> 2003-09-16T11:25:47 Ron DuFresne:
> > On Mon, 15 Sep 2003, christopher neitzert wrote:
> > > 1. upgrade to lsh.
> >
> > But, one has to remember ssh does not stand alone, at least openssh, it
> > needs openssl to be properly maintained as well.
> 
> Another incentive to ditch openssh altogether. lsh seems to work
> fine. At last.
> 
> lsh doesn't use openssl. It is a completely different code base from
> the other sshes.
> 
> It's ssh v2 only; I think that's a transition whose time has come.
> 
> -Bennett
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] new ssh exploit?
  - From: christopher neitzert
- Re: [Full-Disclosure] new ssh exploit?
  - From: Ron DuFresne
- Re: [Full-Disclosure] new ssh exploit?
  - From: Bennett Todd

Prev by Date: [Full-Disclosure] [RHSA-2003:269-01] Updated KDE packages fix security issues
Next by Date: Re: [Full-Disclosure] openssh remote exploit
Previous by thread: Re: lsh patch (was Re: [Full-Disclosure] new ssh exploit?)
Next by thread: Re: [Full-Disclosure] new ssh exploit?
Index(es):
- Date
- Thread