16 Sep
2003
16 Sep
'03
3:50 p.m.
On Tue, 16 Sep 2003 15:33:03 EDT, Richard A Steenbergen said:
patched, but does anybody know whether there's a problem with the criscos? (as in "how do I configure my router for that?" ;-)
Or better yet, the OpenSSH running on Junipers? Nothing on Juniper's site about a vulnerability so far.
A posting to full-disclosure quotes Theo as saying HP and Cisco are affected, and I don't see any reason that Juniper would *NOT* be, given the common code base of the OpenSSH implementations. I'm not going to say the routers are vulnerable, but I *would* say that ACLs blocking port 22 to the router might be a good idea.....