Re: [Exim] Eximon vs. Exim Webapp security challenge

Top Page
Delete this message
Reply to this message
Author: Richard Welty
Date:  
To: EximUser List
Subject: Re: [Exim] Eximon vs. Exim Webapp security challenge
On Mon, 02 Feb 2004 19:14:18 -0500 Greg Folkert <greg@???> wrote:
> > Marc Haber wrote:


> > > Seriously, are there any current problems with openssh?


> And to answer Marc Haber, OpenSSH does not have any problems that I am
> currently aware of.


indeed. the last significant one i recall was the screwball integer overflow
bug that was discovered in a routine code audit by the OpenSSH team
themselves. it got a lot of (negative) publicity because of the oblique
way they handled the disclosure, but i have gone through the logic
behind their approach and concluded that they patched & disclosed
in the only manner that would avoid creating vulnerability problems for
secureid users. they really did think about what they were doing before
they did it.

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
    Java, PHP, PostgreSQL, Unix, Linux, IP Network Engineering, Security