RE: Portable OpenSSH 3.7.1p1 is vulnerable

From: Johnson, Michael <Michael.Johnson.03_at_**********.***>
Date: Tue Sep 23 2003 - 16:39:17 EDT

PAM is a Unix/Linux thing. This should not affect Cygwin or Windows (Cygwin
OpenSSH uses passwd authentication, which seems to be handled by the Cygwin1
dll).

 -Michael

-----Original Message-----
From: Frank Pikelner [mailto:pikelner@rogers.com]
Sent: Tuesday, September 23, 2003 12:12 PM
To: 'Secure Shell Discussions'
Subject: RE: Portable OpenSSH 3.7.1p1 is vulnerable

I'm running some domain controllers that use openssh with domain accounts.
Does active directory authentication for SSH (domain accounts) use PAM?

Thanks,

Frank

-----Original Message-----
From: ssh-l-bounces@erdelynet.com [mailto:ssh-l-bounces@erdelynet.com] On
Behalf Of Grzegorz Niemirowski
Sent: September 23, 2003 1:44 PM
To: Secure Shell Discussions
Subject: Portable OpenSSH 3.7.1p1 is vulnerable

http://www.openssh.com/txt/sshpam.adv

Grzegorz Niemirowski
www.grzegorz.net 

--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and
enter your email address at the bottom to "Edit Options". If you don't know
your password, have it emailed to you. Then unsubscribe.
--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and
enter your email address at the bottom to "Edit Options". If you don't know
your password, have it emailed to you. Then unsubscribe.
###########################################
This message has been scanned by F-Secure Anti-Virus for Microsoft Exchange.
For more information, connect to http://www.F-Secure.com/
--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.
Received on Tue Sep 23 17:47:41 2003

This archive was generated by hypermail 2.1.8 : Fri Jul 29 2005 - 17:33:59 EDT