| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 15 Nov 2007 17:15:30 +0000 From: "Nick Boyce" <nick.boyce@...il.com> To: Bugtraq <bugtraq@...urityfocus.com> Cc: security-alert@...com Subject: Re: HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges On Nov 12, 2007 7:57 PM, <security-alert@...com> wrote: > HPSBUX02287 SSRT071485 rev.1 - HP-UX Running HP Secure Shell, Remotely Gain Extended Privileges [...] > SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. > HP-UX B.11.11, B.11.23, and B.11.31 running HP Secure Shell If there's anyone from HP here, can you clarify whether or not HPUX 11.00 is omitted from the impacted list because it's not supported or because it's not affected - thanks. I know 11.00 is no longer supported, but we have a system running "HP-UX Secure Shell A.04.10.004" on HP-UX 11.00 that we cannot upgrade (due to application dependency), and I'd just like to know what our exposure is. The verbose product description is "HP-UX Secure Shell A.04.10.004/005, based on OpenSSH 4.1p1", part number T1471-90004. You don't have to go on the record - be as anonymous as you need. Thanks Nick Boyce -- "The system is repaired when ordinary greed takes over from extraordinary fear - and that's what we're working towards." Prof Larry Summers, US Treasury Secretary 1999-2001, commenting on the Northern Rock banking crisis on BBC Newsnight, 14th.Sept.2007 My, what a high civilisation we've built.
Powered by blists - more mailing lists